CVE-2022-20811

CVE Database · CVE-2022-20811

CVE-2022-20811

· MEDIUMModified

CVSS v3.1

5.5

EPSS

0.66%

Published

Oct 26, 2022

Modified

Nov 21, 2024

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

Weaknesses (CWE)

CWE-200CWE-22

Affected Products (3)

cisco · telepresence_collaboration_endpoint (up to 9.15.13.0)vulnerable

cisco · telepresence_collaboration_endpoint (up to 10.15.2.2)vulnerable

cisco · roomos (up to 10.15.1)vulnerable

References (2)

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-trav-beFvCcyu

Vendor Advisory

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-trav-beFvCcyu

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs