CVE-2022-20809: Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
First published: Thu May 26 2022(Updated: )
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco TelePresence Video Communication Server | <=x14.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-20809.
What is the severity of CVE-2022-20809?
The severity of CVE-2022-20809 is medium (6.5).
What is affected by CVE-2022-20809?
CVE-2022-20809 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) versions up to x14.0.7.
What can an attacker do with CVE-2022-20809?
An authenticated, remote attacker can write files or disclose sensitive information on an affected device.
How can I fix CVE-2022-20809?
To fix CVE-2022-20809, apply the necessary updates or patches provided by Cisco.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/title
- agent/severity
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/cisco
- canonical/cisco telepresence video communication server
- version/cisco telepresence video communication server/x14.0.7