{"api_version":"1","generated_at":"2026-04-15T21:31:08+00:00","cve":"CVE-2026-20061","urls":{"html":"https://cve.report/CVE-2026-20061","api":"https://cve.report/api/cve/CVE-2026-20061.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2026-20061","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2026-20061"},"summary":{"title":"Cisco Unity Connection SQL Injection Vulnerability","description":"A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP(S) request to the web-based management interface of an affected device. A successful exploit could allow the attacker to view data on the affected device.","state":"PUBLISHED","assigner":"cisco","published_at":"2026-04-15 17:17:01","updated_at":"2026-04-15 17:17:01"},"problem_types":["CWE-89","CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"],"metrics":[{"version":"3.1","source":"psirt@cisco.com","type":"Primary","score":"4.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSSV3_1","score":"4.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw","name":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw","refsource":"psirt@cisco.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-20061","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20061","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14SU2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14SU3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14SU3a","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 15","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 15SU1","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14SU4","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 15SU2","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 15SU3","platforms":[]},{"source":"CNA","vendor":"Cisco","product":"Cisco Unity Connection","version":"affected 14SU5","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[{"source":"CNA","title":"","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.","time":"","lang":"en"}],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2026-20061","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-15T16:42:14.106646Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-15T16:56:34.089Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unknown","product":"Cisco Unity Connection","vendor":"Cisco","versions":[{"status":"affected","version":"14"},{"status":"affected","version":"14SU1"},{"status":"affected","version":"14SU2"},{"status":"affected","version":"14SU3"},{"status":"affected","version":"14SU3a"},{"status":"affected","version":"15"},{"status":"affected","version":"15SU1"},{"status":"affected","version":"14SU4"},{"status":"affected","version":"15SU2"},{"status":"affected","version":"15SU3"},{"status":"affected","version":"14SU5"}]}],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP(S) request to the web-based management interface of an affected device. A successful exploit could allow the attacker to view data on the affected device."}],"exploits":[{"lang":"en","value":"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"cvssV3_1"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-89","description":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')","lang":"en","type":"cwe"}]}],"providerMetadata":{"dateUpdated":"2026-04-15T16:11:20.865Z","orgId":"d1c1063e-7a18-46af-9102-31f8928bc633","shortName":"cisco"},"references":[{"name":"cisco-sa-unity-vulns-n2EJSbbw","url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw"}],"source":{"advisory":"cisco-sa-unity-vulns-n2EJSbbw","defects":["CSCwq36796"],"discovery":"EXTERNAL"},"title":"Cisco Unity Connection SQL Injection Vulnerability"}},"cveMetadata":{"assignerOrgId":"d1c1063e-7a18-46af-9102-31f8928bc633","assignerShortName":"cisco","cveId":"CVE-2026-20061","datePublished":"2026-04-15T16:11:20.865Z","dateReserved":"2025-10-08T11:59:15.356Z","dateUpdated":"2026-04-15T16:56:34.089Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-15 17:17:01","lastModifiedDate":"2026-04-15 17:17:01","problem_types":["CWE-89","CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2026","CveId":"20061","Ordinal":"1","Title":"Cisco Unity Connection SQL Injection Vulnerability","CVE":"CVE-2026-20061","Year":"2026"},"notes":[{"CveYear":"2026","CveId":"20061","Ordinal":"1","NoteData":"A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to perform an SQL injection attack against an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP(S) request to the web-based management interface of an affected device. A successful exploit could allow the attacker to view data on the affected device.","Type":"Description","Title":"Cisco Unity Connection SQL Injection Vulnerability"}]}}}