First published: Thu May 26 2022(Updated: )
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco TelePresence Video Communication Server | <=x14.0.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-20809.
The severity of CVE-2022-20809 is medium (6.5).
CVE-2022-20809 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) versions up to x14.0.7.
An authenticated, remote attacker can write files or disclose sensitive information on an affected device.
To fix CVE-2022-20809, apply the necessary updates or patches provided by Cisco.