CVE-2021-1362

HIGH

Cisco Unified Communications Manager 10.5(2)-11.5(1)su8 - Authenticated RCE via SOAP API

Title source: llm

Description

A vulnerability in the SOAP API endpoint of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, Cisco Unity Connection, and Cisco Prime License Manager could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper sanitization of user-supplied input. An attacker could exploit this vulnerability by sending a SOAP API request with crafted parameters to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges on the underlying Linux operating system of the affected device.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-pqVYwyb

Scores

CVSS v3 8.8

EPSS 0.0202

EPSS Percentile 84.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-94

Status published

Products (4)

cisco/prime_license_manager 10.5\(2\) - 11.5\(1\)su9

cisco/unified_communications_manager 10.5\(2\) - 11.5\(1\)su9 (2 CPE variants)

cisco/unified_communications_manager_im_\&_presence_service 10.5\(2\) - 11.5\(1\)su9

cisco/unity_connection 10.5\(2\) - 11.5\(1\)su9

Published Apr 08, 2021

Tracked Since Feb 18, 2026