Impact
The updated CVE description clarifies that the vulnerability is a server‑side request forgery that allows unauthenticated attackers to send crafted HTTP requests to an enabled WebDialer service, enabling arbitrary file writes to the host operating system and potentially privilege escalation to root. It emphasizes that the flaw arises from improper input validation in specific HTTP endpoints and requires WebDialer to be active, which is disabled by default, reducing the attack surface.
Affected Systems
Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition are impacted, but only installations where the WebDialer service is enabled are vulnerable. The service is disabled by default, so environments that have not explicitly enabled WebDialer are not affected, and no specific version details are provided.
Risk and Exploitability
The CVSS score of 8.6 and an EPSS score of 42% indicate a high severity with a significant likelihood of exploitation. This vulnerability is listed in the CISA KEV catalog, underscoring its real‑world exploitation risk. An attacker who can reach the affected device via the WebDialer interface can issue HTTP requests that result in arbitrary file writes, providing a direct path to privilege escalation on the CUCM host.
OpenCVE Enrichment