CVE-2022-20764— Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-20764
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. For more information about these vulnerabilities, see the Details section of this advisory.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Cisco产品安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco RoomOS Software和Cisco TelePresence Collaboration Endpoint Software都是美国思科(Cisco)公司的产品。Cisco RoomOS Software是一套用于Cisco设备的自动管理软件。该软件主要用于升级、管理Cisco设备的主板固件。Cisco TelePresence Collaboration Endpoint Software是一套协作终端软件。 Cisco RoomOS Software和Cisco TelePrese
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco RoomOS Software | n/a | - |
II. Public POCs for CVE-2022-20764
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-20764
Please Login to view more intelligence information
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ROS-DOS-X7H7XhkKvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2022-20764
Same Patch Batch · Cisco · 2022-05-04 · 13 CVEs total
| CVE-2022-20777 | 9.9 CRITICAL | Cisco Enterprise NFV Infrastructure Software Vulnerabilities |
| CVE-2022-20779 | 9.9 CRITICAL | Cisco Enterprise NFV Infrastructure Software Vulnerabilities |
| CVE-2022-20780 | 9.9 CRITICAL | Cisco Enterprise NFV Infrastructure Software Vulnerabilities |
| CVE-2022-20770 | 8.6 HIGH | ClamAV CHM File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 20 |
| CVE-2022-20771 | 7.5 HIGH | ClamAV TIFF File Parsing Denial of Service Vulnerability Affecting Cisco Products: April 2 |
| CVE-2022-20785 | 7.5 HIGH | ClamAV HTML Scanning Memory Leak Vulnerability Affecting Cisco Products: April 2022 |
| CVE-2022-20794 | 6.5 MEDIUM | Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities |
| CVE-2022-20796 | 6.5 MEDIUM | ClamAV Truncated File Denial of Service Vulnerability Affecting Cisco Products: April 2022 |
| CVE-2022-20753 | 4.7 MEDIUM | Cisco Small Business RV Series Routers Remote Code Execution Vulnerability |
| CVE-2022-20801 | 4.7 MEDIUM | Cisco Small Business RV Series Routers Command Injection Vulnerabilities |
| CVE-2022-20799 | 4.7 MEDIUM | Cisco Small Business RV Series Routers Command Injection Vulnerabilities |
| CVE-2022-20734 | 4.4 MEDIUM | Cisco SD-WAN vManage Software Information Disclosure Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco RoomOS Software
- CVE-2026-20119
Cisco TelePresence Collaboration Endpoint Software and RoomO - CVE-2025-20329
Cisco TelePresence Collaboration Endpoint and RoomOS Softwar - CVE-2022-20793
Cisco Touch 10 Device Insufficient Identity Verification Vul - CVE-2023-20004
Cisco TelePresence Collaboration Endpoint and RoomOS Softwar - CVE-2023-20090
Cisco TelePresence Collaboration Endpoint and RoomOS Softwar
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido IDOR漏洞致用户隐私泄露 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-601
- CVE-2026-42350
Kargo: Open Redirect in UI OIDC Login Flow via redirectTo Qu - CVE-2026-42195
Unvalidated gitlab URL parameter redirects OAuth authorize s - CVE-2026-3318
Multiple vulnerabilities in Cradle e-commerce - CVE-2026-42259
Saltcorn: Open Redirect in `POST /auth/login` due to incompl - CVE-2026-6795
Open Redirect in DivvyDrive Information Technologies' DivvyD
V. Comments for CVE-2022-20764
No comments yet