CVE-2022-20954 — Vulnetix

CVE-2022-20954 PUBLISHED CVSS 5.5 MEDIUM

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

EPSS 0.33% · 56.7th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N

EPSS Score

0.33%

56.7th percentile

Affected Products

Vendor	Product	Versions
Cisco	Cisco RoomOS Software	*
cisco	roomos
cisco	telepresence_collaboration_endpoint	0

Exploit Intelligence

20221019 Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities (circl)

Timeline

Oct 26, 2022 CVE Published
Oct 27, 2022 EPSS Score
Dec 9, 2022 EPSS Score
Jan 22, 2023 EPSS Score
Mar 6, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 19, 2023 EPSS Score
Jun 1, 2023 EPSS Score
Jul 15, 2023 EPSS Score
Aug 27, 2023 EPSS Score
Oct 10, 2023 EPSS Score
Nov 22, 2023 EPSS Score

References

20221019 Cisco TelePresence Collaboration Endpoint and RoomOS Software Vulnerabilities vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2022-20954 advisory

Open in Interactive Console →