Critical Cisco Unity Connection flaw gives attackers root privileges. Patch now! (CVE-2024-20272)

Cisco has fixed a critical vulnerability (CVE-2024-20272) in Cisco Unity Connection that could allow an unauthenticated attacker to upload arbitrary files and gain root privilege on the affected system. Cisco Unity Connection is a unified messaging and voicemail solution for email inbox, web browser, Cisco Jabber, Cisco Unified IP Phone, smartphone, and tablet. About CVE-2024-20272 CVE-2024-20272 is an unauthenticated arbitrary file upload vulnerability in the web-based management interface of Cisco Unity Connection that could be … More →

The post …

arbitrary files attacker attackers browser cisco critical critical vulnerability cve don't miss email files flaw hot stuff jabber messaging patch privilege privileges root security update solution system unauthenticated unity unity connection upload voicemail vulnerability web web browser