CVE-2022-20794
published 2022-05-04CVE-2022-20794: Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker…
medium4.7CVSS 3.1
AVNACLPRNUIRSCCNILAN
Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. For more information about these vulnerabilities, see the Details section of this advisory.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_roomos_software | — | — |
| cisco | roomos | < 2021-05 | 2021-05 |
| cisco | telepresence_collaboration_endpoint | < 9.15.0.11 | 9.15.0.11 |
| cisco | telepresence_collaboration_endpoint | >= 10.0.0.0 < 10.8.2.5 | 10.8.2.5 |
| cisco | telepresence_collaboration_endpoint_and_roomos | — | — |