Rewterz Threat Advisory – Multiple Cisco Unified Communications Products Vulnerabilities
July 7, 2022Rewterz Threat Advisory – CVE-2022-20808 – Cisco Smart Software Manager On-Prem Vulnerability
July 7, 2022Rewterz Threat Advisory – Multiple Cisco Unified Communications Products Vulnerabilities
July 7, 2022Rewterz Threat Advisory – CVE-2022-20808 – Cisco Smart Software Manager On-Prem Vulnerability
July 7, 2022Severity
Medium
Analysis Summary
CVE-2022-20768
Cisco TelePresence Collaboration Endpoint and RoomOS Software could allow a remote authenticated attacker to obtain sensitive information, caused by the storage of certain unencrypted credentials. By gaining access to the audit logs, an attacker could exploit this vulnerability to obtain user credentials information, and use this information to launch further attacks against the affected system.
Impact
- Information Theft
Indicators Of Compromise
CVE
- CVE-2022-20768
Affected Vendors
Cisco
Affected Products
- Cisco RoomOS Software
- Cisco TelePresence Collaboration Endpoint Software
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.