Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-20955— Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities

CVSS 5.5 · Medium EPSS 0.34% · P56
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-20955

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
信息暴露
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco TelePresence Collaboration Endpoint Software和RoomOS Software 路径遍历漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco RoomOS Software和Cisco TelePresence Collaboration Endpoint Software都是美国思科(Cisco)公司的产品。Cisco RoomOS Software是一套用于Cisco设备的自动管理软件。该软件主要用于升级、管理Cisco设备的主板固件。Cisco TelePresence Collaboration Endpoint Software是一套协作终端软件。 Cisco TelePresence Collaboration Endp
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
CiscoCisco RoomOS Software n/a -

II. Public POCs for CVE-2022-20955

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2022-20955

登录查看更多情报信息。

Same Patch Batch · Cisco · 2022-10-26 · 8 CVEs total

CVE-2022-209338.6 HIGHCisco Meraki MX and Z3 Teleworker Gateway VPN Denial of Service Vulnerability
CVE-2022-208227.1 HIGHCisco Identity Services Engine Unauthorized File Access Vulnerability
CVE-2022-209596.1 MEDIUMCisco Identity Services Engine Cross-Site Scripting Vulnerability
CVE-2022-207765.5 MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
CVE-2022-209545.5 MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
CVE-2022-209535.5 MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
CVE-2022-208115.5 MEDIUMCisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities

IV. Related Vulnerabilities

Same product: Cisco RoomOS Software
Same vendor: Cisco
Same weakness: CWE-200

V. Comments for CVE-2022-20955

No comments yet

Leave a comment