Skip to main content

Cisco Products Multiple Vulnerabilities

Last Update Date: 21 Oct 2022 Release Date: 6 Oct 2022 5464 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Cisco Products. A remote attacker could exploit some of these vulnerabilities to security restriction bypass, remote code execution, data manipulation, elevation of privilege and cross-site scripting the targeted system.

 

[Updated on 2022-10-21]

Notes: Proof Of Concept Exploit Code Is Publicly Available for CVE-2022-20917


Impact

  • Security Restriction Bypass
  • Elevation of Privilege
  • Remote Code Execution
  • Data Manipulation
  • Cross-Site Scripting

System / Technologies affected

  • Cisco Enterprise NFV Infrastructure Software
  • Cisco Expressway Series and Cisco TelePresence Video Communication Server
  • Cisco Touch 10 Devices
  • Cisco Secure Web Appliance Content Encoding Filter
  • Cisco BroadWorks Hosted Thin Receptionist
  • Cisco ATA 190 Series Analog Telephone Adapter Software
  • Cisco Smart Software Manager On-Prem

Proof Of Concept Exploit Code Is Publicly Available:

  • Cisco Jabber Client Software Extensible Messaging and Presence Protocol

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Proof Of Concept Exploit Code Is Publicly Available:


Vulnerability Identifier


Source


Related Link