Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities
CVE-2022-20955

5.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Roomos Software
Vendor: CVE Published:; 26 October 2022

Badges

👾 Exploit Exists

What is CVE-2022-20955?

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Affected Version(s)

Cisco RoomOS Software

References

https://tools.cisco.com/security/center/content/CiscoSecu...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Aug 3, 2024
Vulnerability published
Oct 26, 2022
Vulnerability Reserved
Nov 2, 2021