CVE-2022-20955

CWE-200Information ExposureCWE-22Path TraversalCWE-23CWE-614 documents4 sources
Severity
7.1HIGH
EPSS
0.5%
top 32.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Telepresence Collaboration EndpointCisco Cisco Roomos Software
Timeline
PublishedOct 26

Description

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:NExploitability: 1.2 | Impact: 4.2

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-2vcj-c8c3-rrf8: Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path2022-10-26
CVEList
Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities2022-10-26

📋Vendor Advisories

1
Cisco
Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities2022-10-19
CVE-2022-20955 (HIGH CVSS 7.1) | Multiple vulnerabilities in Cisco T | cvebase.io