CVE-2023-20259

moderate-risk

Published 2023-10-04

A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for device management and is unlikely to be used in normal operations of the device. This vulnerability is due to improper API authentication and incomplete validation of the API request. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to high CPU utilization, which could negatively impact user traffic and management access. When the attack stops, the device will recover without manual intervention.

Do I need to act?

0.14% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.6/10 High

NETWORK / LOW complexity

Affected Products (9)

Emergency Responder

Prime Collaboration Deployment

Unified Communications Manager

Unified Communications Manager Im \& Presence Service

Unity Connection

Affected Vendors

Cisco

References (2)

Vendor Advisory https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/ci...

/ 100

moderate-risk

Severity 29/34 · Critical

Exploitability 1/34 · Minimal

Exposure 15/34 · Moderate