{“lastseen”:””,”description”:”Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker\\u0026nbsp;to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.\\u0026nbsp;\\r\\n\\r\\nThese vulnerabilities are due to improper sanitization of user input to the web-based management interface. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from an affected system.”,”published”:”2026-04-15T16:03:23.282Z”,”modified”:”2026-04-15T16:03:23.282Z”,”type”:”cve”,”title”:”Cisco Unity Connection Arbitrary File Download Vulnerability”,”source”:”cisco”,”references”:”https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-unity-file-download-RmKEVWPx”,”id”:”CVE-2026-20081″,”bulletinFamily”:””,”cwe”:null,”cvelist”:null,”sourceData”:”Cisco Cisco Unity Connection 12.5(1)\\nCisco Cisco Unity Connection 12.5(1)SU1\\nCisco Cisco Unity Connection 12.5(1)SU2\\nCisco Cisco Unity Connection 12.5(1)SU3\\nCisco Cisco Unity Connection 12.5(1)SU4\\nCisco Cisco Unity Connection 14\\nCisco Cisco Unity Connection 12.5(1)SU5\\nCisco Cisco Unity Connection 14SU1\\nCisco Cisco Unity Connection 12.5(1)SU6\\nCisco Cisco Unity Connection 14SU2\\nCisco Cisco Unity Connection 12.5(1)SU7\\nCisco Cisco Unity Connection 14SU3\\nCisco Cisco Unity Connection 12.5(1)SU8\\nCisco Cisco Unity Connection 14SU3a\\nCisco Cisco Unity Connection 12.5(1)SU8a\\nCisco Cisco Unity Connection 15\\nCisco Cisco Unity Connection 15SU1\\nCisco Cisco Unity Connection 14SU4\\nCisco Cisco Unity Connection 12.5(1)SU9\\nCisco Cisco Unity Connection 15SU2\\nCisco Cisco Unity Connection 15SU3\\nCisco Cisco Unity Connection 14SU5″,”sourceHref”:””,”cvss”:{“score”:6.5,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:N\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Cisco Unity Connection”,”version”:”12.5(1)”,”vendor”:”Cisco”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker\\u0026nbsp;to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,26,12,21,13,7,11,5],"class_list":["post-47220","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-65","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n