VDB
CVE-2022-20754
CVE-2022-20754
PUBLISHED
CVSS 9 CRITICAL
De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
EPSS 2.48% · 85.6th percentile
Risk Scores
CVSS 3.1
9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
EPSS Score
2.48%
85.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | N/A | |
| Cisco | Identity Services Engine | |
| cisco | telepresence_video_communication_server | 0 |
| Cisco | Cisco TelePresence Video Communication Server (VCS) Expressway | * |
Exploit Intelligence
Timeline
- Mar 3, 2022 CVE Published
- Apr 9, 2022 EPSS Score
- Apr 15, 2022 EPSS Score
- May 29, 2022 EPSS Score
- Sep 8, 2022 EPSS Score
- Oct 29, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 6, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 29, 2023 EPSS Score
- Jul 7, 2023 EPSS Score
- Aug 27, 2023 EPSS Score
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-20754 advisory
- 20220303 Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities vendor-advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-uccsmi-prvesc-BQHGe4cm advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-dos-JLh9TxBp advisory