{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20060", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.356Z", "datePublished": "2026-04-15T16:11:20.842Z", "dateUpdated": "2026-04-15T16:56:34.222Z"}, "containers": {"cna": {"title": "Cisco Unity Connection Open Redirect Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "baseScore": 4.7, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious web page."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw", "name": "cisco-sa-unity-vulns-n2EJSbbw"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-unity-vulns-n2EJSbbw", "discovery": "EXTERNAL", "defects": ["CSCwq36828"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "URL Redirection to Untrusted Site ('Open Redirect')", "type": "cwe", "cweId": "CWE-601"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco Unity Connection", "versions": [{"version": "14", "status": "affected"}, {"version": "14SU1", "status": "affected"}, {"version": "14SU2", "status": "affected"}, {"version": "14SU3", "status": "affected"}, {"version": "14SU3a", "status": "affected"}, {"version": "15", "status": "affected"}, {"version": "15SU1", "status": "affected"}, {"version": "14SU4", "status": "affected"}, {"version": "15SU2", "status": "affected"}, {"version": "15SU3", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-15T16:11:20.842Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20060", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-15T16:42:33.155641Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T16:56:34.222Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20060", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-15T16:42:33.155641Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-15T16:56:16.599Z"}}], "cna": {"title": "Cisco Unity Connection Open Redirect Vulnerability", "source": {"defects": ["CSCwq36828"], "advisory": "cisco-sa-unity-vulns-n2EJSbbw", "discovery": "EXTERNAL"}, "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Unity Connection", "versions": [{"status": "affected", "version": "14"}, {"status": "affected", "version": "14SU1"}, {"status": "affected", "version": "14SU2"}, {"status": "affected", "version": "14SU3"}, {"status": "affected", "version": "14SU3a"}, {"status": "affected", "version": "15"}, {"status": "affected", "version": "15SU1"}, {"status": "affected", "version": "14SU4"}, {"status": "affected", "version": "15SU2"}, {"status": "affected", "version": "15SU3"}], "defaultStatus": "unknown"}], "exploits": [{"lang": "en", "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw", "name": "cisco-sa-unity-vulns-n2EJSbbw"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious web page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "cwe", "cweId": "CWE-601", "description": "URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-04-15T16:11:20.842Z"}}}, "cveMetadata": {"cveId": "CVE-2026-20060", "state": "PUBLISHED", "dateUpdated": "2026-04-15T16:56:34.222Z", "dateReserved": "2025-10-08T11:59:15.356Z", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2026-04-15T16:11:20.842Z", "assignerShortName": "cisco"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.\r\n\r\nThis vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious web page."}], "id": "CVE-2026-20060", "lastModified": "2026-04-15T17:17:01.250", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-04-15T17:17:01.250", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-15T19:18:11.455271+00:00", "value": {"mitigation_remediation": ["Apply the Cisco Unity Connection patch released in the referenced advisory to fix input validation.", "If a patch is unavailable or delayed, restrict external access to the management interface or enable network-level authentication to limit exposure.", "Implement URL whitelisting or blacklist filters on the application or web proxy to prevent unexpected redirects."], "summary": {"action": "Patch Immediately", "impact": "Open Redirect to malicious site"}, "threat_synthesis": {"affected_systems": "Cisco Unity Connection \u2013 a unified communications platform. No specific affected versions are listed in the advisory, so the vulnerability may exist in multiple releases of the web management interface.", "description_and_impact": "A vulnerability in the web-based management interface of Cisco Unity Connection permits an unauthenticated remote attacker to manipulate HTTP request parameters so that a user is redirected to a malicious web page. This open redirect flaw enables phishing or credential-stealing campaigns by piggybacking on legitimate user traffic. The weakness is rooted in unvalidated input handling, classifying it as a CWE-601 Open Redirect condition.", "risk_and_exploitability": "The CVSS base score of 4.7 indicates moderate risk, and the lack of an EPSS score means the likelihood of exploitation cannot be quantified from publicly available data. The vulnerability is not catalogued in the CISA KEV list. Exposing the management interface to the internet or allowing users to follow forged links provides a straightforward attack vector, enabling the attacker to redirect users to malicious sites and facilitate phishing or other social-engineering attacks."}}}}, "created": "2026-04-15T19:30:12.380718+00:00", "updated": "2026-04-15T19:30:12.380729+00:00", "vendors": []}