Cisco Security Advisory - Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

Started by Netwörkheäd, July 07, 2022, 06:10:05 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Netwörkheäd

July 07, 2022, 06:10:05 PM
Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities

<p>Multiple vulnerabilities in the API and in the web-based management interface of Cisco&nbsp;Expressway Series and Cisco&nbsp;TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device.</p>
<p><strong>Note:</strong> Cisco&nbsp;Expressway Series refers to the Expressway Control (Expressway-C) device and the Expressway Edge (Expressway-E) device.</p>
<p>For more information about these vulnerabilities, see the <a href="#details">Details</a> section of this advisory.</p>
<p>Cisco&nbsp;has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.</p>
<p>This advisory is available at the following link:<br><a href="https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-overwrite-3buqW8LH">https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-overwrite-3buqW8LH</a></p>
     
         
Security Impact Rating:  Critical
   
   
       
CVE: CVE-2022-20812,CVE-2022-20813
Source: Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
Let's not argue. Let's network!
Print
Go Up Pages1
User actions