CVE-2025-20326
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-03

Last updated on: 2025-09-10

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-03
Last Modified
2025-09-10
Generated
2026-06-16
AI Q&A
2025-09-03
EPSS Evaluated
2026-06-15
NVD
CVE-2025-20326
EUVD
EUVD-2025-26610
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
cisco unified_communications_manager From 15.0 (inc) to 15su3 (exc)
cisco unified_communications_manager 12.5
cisco unified_communications_manager 14.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-352 The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a cross-site request forgery (CSRF) issue in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software. It occurs because the interface lacks sufficient CSRF protections. An unauthenticated, remote attacker can exploit this by tricking a user into clicking a malicious link, which then allows the attacker to perform arbitrary actions with the same privileges as the affected user. [1]

Impact Analysis

If exploited, this vulnerability could allow an attacker to perform unauthorized actions on the affected device with the privileges of the user who clicks the malicious link. Although the impact on confidentiality and availability is none, there is a low impact on integrity. This means an attacker could potentially alter settings or configurations via the management interface, which could disrupt normal operations or security settings. [1]

Detection Guidance

There are no specific detection commands or methods provided for this vulnerability. Since it is a CSRF vulnerability in the web-based management interface, detection would typically involve monitoring for suspicious user interactions or unauthorized actions, but no explicit detection commands are available. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading to the fixed software releases starting from Cisco Unified CM release 15SU3 or later. No workarounds are available, so applying the official software updates from Cisco is necessary to address the vulnerability. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-20326. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart