Cisco’s Unified CCX software is touted as a contact center in a box that allows companies to deploy customer-care applications. The flaw (CVE-2020-3280) stems from the Java Remote Management Interface of the product. The tech giant also released a fix addressing a high-severity flaw in its Prime Network Registrar, which enables dynamic host configuration protocol (DHCP) services (as well as DNS services) The flaw stems from insufficient input validation of incoming DHCP traffic.
Source: https://threatpost.com/critical-cisco-rce-flaw-unified-ccx/155980/