6.8
CVE-2022-20793
- EPSS 0.11%
- Veröffentlicht 15.11.2024 16:15:22
- Zuletzt bearbeitet 30.07.2025 17:12:24
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Cisco Touch 10 Device Insufficient Identity Verification Vulnerability
A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification. An attacker could exploit this vulnerability by impersonating a legitimate device and responding to the pairing broadcast from an affected device. A successful exploit could allow the attacker to access the affected device while impersonating a legitimate device.There are no workarounds that address this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Telepresence Collaboration Endpoint Version9.0.1
Cisco ≫ Telepresence Collaboration Endpoint Version9.1.1
Cisco ≫ Telepresence Collaboration Endpoint Version9.1.2
Cisco ≫ Telepresence Collaboration Endpoint Version9.1.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.1.4
Cisco ≫ Telepresence Collaboration Endpoint Version9.1.5
Cisco ≫ Telepresence Collaboration Endpoint Version9.1.6
Cisco ≫ Telepresence Collaboration Endpoint Version9.2.1
Cisco ≫ Telepresence Collaboration Endpoint Version9.2.2
Cisco ≫ Telepresence Collaboration Endpoint Version9.2.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.2.4
Cisco ≫ Telepresence Collaboration Endpoint Version9.9.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.9.4
Cisco ≫ Telepresence Collaboration Endpoint Version9.10.1
Cisco ≫ Telepresence Collaboration Endpoint Version9.10.2
Cisco ≫ Telepresence Collaboration Endpoint Version9.10.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.12.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.12.4
Cisco ≫ Telepresence Collaboration Endpoint Version9.12.5
Cisco ≫ Telepresence Collaboration Endpoint Version9.13.0
Cisco ≫ Telepresence Collaboration Endpoint Version9.13.1
Cisco ≫ Telepresence Collaboration Endpoint Version9.13.2
Cisco ≫ Telepresence Collaboration Endpoint Version9.13.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.14.3
Cisco ≫ Telepresence Collaboration Endpoint Version9.14.4
Cisco ≫ Telepresence Collaboration Endpoint Version9.14.5
Cisco ≫ Telepresence Collaboration Endpoint Version9.14.6
Cisco ≫ Telepresence Collaboration Endpoint Version9.14.7
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.0.10
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.0.11
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.0.13
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.0.19
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.3.17
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.3.18
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.3.19
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.3.22
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.3.25
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.3.26
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.8.12
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.10.8
Cisco ≫ Telepresence Collaboration Endpoint Version9.15.13.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@cisco.com | 6.8 | 1.6 | 5.2 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
|
CWE-325 Missing Cryptographic Step
The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.