CVE-2026-20060 Cisco — Exploit & Vulnerability Details MEDIUM

Parameter	Value
CVSS	4.7 (MEDIUM)
Type	CWE-601 (Open Redirect)
Vendor	Cisco
Public PoC	No

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by persuading a user to click a crafted link.

A successful exploit could allow the attacker to redirect a user to a malicious web page.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

None

No data leak

Integrity

Low

Partial data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-601 Open Redirect

References 1

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/c…

psirt@cisco.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-20186

Cisco

9.9

CVE-2026-20184

Cisco

9.8

CVE-2026-20180

Cisco

9.9

CVE-2026-20170

Cisco

6.1

CVE-2026-20161

Cisco

5.5

Menu

CVE-2026-20060

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-20186

CVE-2026-20184

CVE-2026-20180

CVE-2026-20170

CVE-2026-20161

CVE Details

Editor's Choice

Menu

CVE-2026-20060

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-20186

CVE-2026-20184

CVE-2026-20180

CVE-2026-20170

CVE-2026-20161

CVE Details

Editor's Choice

Stay informed on cybersecurity