Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system.
Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/01/cisco-fixes-high-risk-vulnerability.html