CNNVD-202507-166 Information

CNNVD ID

CNNVD-202507-166

Related CVE

CVE-2025-20309

• CNNVD Published: 2025-07-02

Description (Chinese)

Cisco Unified Communications Manager是美国思科（Cisco）公司的一款统一通信系统中的呼叫处理组件。该组件提供了一种可扩展、可分布和高可用的企业IP电话呼叫处理解决方案。 Cisco Unified Communications Manager存在安全漏洞，该漏洞源于root账户静态凭据无法更改，可能导致未授权访问和任意命令执行。

Description (English)

Cisco United Communications Manager is a call-processing component of a unified communications system of Cisco. The component provides an extended, distributed and highly usable enterprise IP call processing solution. Cisco United Commissions Manager has a security loophole, which stems from the unalterable static evidence of the root account, which may lead to unauthorized access and arbitrary orders.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

思科

Published

2025-07-02

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssh-m4UBdpE7