Cisco unity connection
This hub aggregates every CVE we track for Cisco unity connection, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
31
CVEs tracked
1
Critical
6
High
1
In CISA KEV
Severity distribution
MEDIUM24HIGH6CRITICAL1
Monthly trend
0
0
0
0
1
0
0
0
0
0
1
1
0
0
0
0
0
0
1
0
0
5
2
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Cisco unity connection.
- CVE-2026-20034Cisco Unity Connection Remote Code Execution Vulnerability8.8
- CVE-2026-20035Cisco Unity Connection Server-Side Request Forgery Vulnerability7.2
- CVE-2026-20059Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability6.1
- CVE-2026-20061Cisco Unity Connection SQL Injection Vulnerability4.3
- CVE-2026-20060Cisco Unity Connection Open Redirect Vulnerability4.7
- CVE-2026-20081Cisco Unity Connection Arbitrary File Download Vulnerability6.5
- CVE-2026-20078Cisco Unity Connection Arbitrary File Download Vulnerability6.5
- CVE-2026-20045Cisco Unified Communications Products Remote Code Execution VulnerabilityKEV8.2
- CVE-2025-20278Cisco Unified Communications Products Command Injection Vulnerability6.0
- CVE-2025-20112Cisco Unified Communications Products Privilege Escalation Vulnerability5.1
- CVE-2020-3532Cisco Unified Communications Products Cross-Site Scripting Vulnerability6.1
- CVE-2024-20253A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This ...9.9
- CVE-2024-20305A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the in...4.8
- CVE-2024-20272A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands ...7.3
- CVE-2023-20259A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the ...8.6
Product normalization is registry-driven with AI assist and human review. How it works