CVE-2022-20794

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. For more information about these vulnerabilities, see the Details section of this advisory.
Configurations

Configuration 1

cpe:2.3:a:cisco:telepresence_collaboration_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:telepresence_collaboration_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:roomos:*:*:*:*:*:*:*:*

Information

Published : 2022-05-04 05:15

Updated : 2022-05-11 07:10


NVD link : CVE-2022-20794

Mitre link : CVE-2022-20794

Products Affected
CWE
CWE-601

URL Redirection to Untrusted Site ('Open Redirect')