Cisco Products Multiple Vulnerabilities
Last Update Date:
21 Oct 2022
Release Date:
6 Oct 2022
6406
Views
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco Products. A remote attacker could exploit some of these vulnerabilities to security restriction bypass, remote code execution, data manipulation, elevation of privilege and cross-site scripting the targeted system.
[Updated on 2022-10-21]
Notes: Proof Of Concept Exploit Code Is Publicly Available for CVE-2022-20917
Impact
- Security Restriction Bypass
- Elevation of Privilege
- Remote Code Execution
- Data Manipulation
- Cross-Site Scripting
System / Technologies affected
- Cisco Enterprise NFV Infrastructure Software
- Cisco Expressway Series and Cisco TelePresence Video Communication Server
- Cisco Touch 10 Devices
- Cisco Secure Web Appliance Content Encoding Filter
- Cisco BroadWorks Hosted Thin Receptionist
- Cisco ATA 190 Series Analog Telephone Adapter Software
- Cisco Smart Software Manager On-Prem
Proof Of Concept Exploit Code Is Publicly Available:
- Cisco Jabber Client Software Extensible Messaging and Presence Protocol
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-ISV-BQrvEv2h
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-sqpsSfY6
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-DAV-HSvEHHEt
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-IVV-4A66Dsfj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv
Proof Of Concept Exploit Code Is Publicly Available:
Vulnerability Identifier
- CVE-2022-20686
- CVE-2022-20687
- CVE-2022-20688
- CVE-2022-20689
- CVE-2022-20690
- CVE-2022-20691
- CVE-2022-20766
- CVE-2022-20793
- CVE-2022-20814
- CVE-2022-20853
- CVE-2022-20917
- CVE-2022-20929
- CVE-2022-20931
- CVE-2022-20939
- CVE-2022-20948
- CVE-2022-20952
Source
Related Link
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-ISV-BQrvEv2h
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-sqpsSfY6
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-DAV-HSvEHHEt
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CTT-IVV-4A66Dsfj
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-thinrcpt-xss-gSj4CecU
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ata19x-multivuln-GEZYVvs
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-SEjz69dv
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-jabber-xmpp-Ne9SCM
Related Tags
Share with