Description
A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device.

This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.
Published: 2026-05-06
Score: 7.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in the web user interface of Cisco Unity Connection Web Inbox allows an unauthenticated remote attacker to send specially crafted HTTP requests. Improper input validation permits the attacker to instruct the affected device to issue arbitrary network requests from its own network stack. This enables the attacker to probe internal resources, exfiltrate data, or pivot to other systems without first authenticating to Cisco Unity Connection.

Affected Systems

The vulnerability targets Cisco Unity Connection, specifically the Web Inbox component of the Cisco Unity Connection web UI. No specific affected version numbers are listed in the advisory, so all deployed instances of the Web Inbox that have not been patched are potentially susceptible.

Risk and Exploitability

The CVSS score of 7.2 indicates a moderate to high severity, and the absence of an EPSS score means the current exploitation probability is unknown, though the lack of an authentication requirement suggests a low complexity attack path. The advisory does not list this vulnerability in the CISA KEV catalog, so no known exploit is currently documented. Based on the description, the likely attack vector is remote network access to the web UI, with the attacker able to direct any outbound requests from the device to internal or external hosts.

Generated by OpenCVE AI on May 6, 2026 at 17:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest patch or upgrade to the most recent Cisco Unity Connection release that addresses the SSRF issue.
  • Restrict external access to the Unity Connection Web Inbox by configuring firewall rules or IP whitelisting to expose the interface only to trusted management networks.
  • Monitor outbound traffic from Unity Connection servers for unexpected or unusual requests and investigate any anomalies promptly.

Generated by OpenCVE AI on May 6, 2026 at 17:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 06 May 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 06 May 2026 16:45:00 +0000

Type Values Removed Values Added
Description A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device.
Title Cisco Unity Connection Server-Side Request Forgery Vulnerability
Weaknesses CWE-918
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2026-05-06T17:27:23.655Z

Reserved: 2025-10-08T11:59:15.353Z

Link: CVE-2026-20035

cve-icon Vulnrichment

Updated: 2026-05-06T17:27:20.084Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-06T17:16:20.280

Modified: 2026-05-06T18:59:53.230

Link: CVE-2026-20035

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-06T17:30:08Z

Weaknesses