First published: Wed Oct 26 2022(Updated: )
Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco TelePresence Collaboration Endpoint | >=9.0.0.0<9.15.13.0 | |
Cisco TelePresence Collaboration Endpoint | >=10.0.0.0<10.15.2.2 | |
Cisco RoomOS | <10.15.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
There are multiple vulnerabilities that could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device.
The severity of CVE-2022-20811 is high with a CVSS score of 7.2.
An attacker can exploit CVE-2022-20811 by conducting path traversal attacks, viewing sensitive data, or writing arbitrary files on an affected device.
The affected software by CVE-2022-20811 includes Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software.
To fix the vulnerabilities, install the relevant software updates provided by Cisco.