FKIE_CVE-2022-20814
Vulnerability from fkie_nvd - Published: 2024-11-15 16:15 - Updated: 2025-07-31 15:44
Severity ?
Summary
A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data. The vulnerability is due to a lack of validation of the SSL server certificate that an affected device receives when it establishes a connection to a Cisco Unified Communications Manager device. An attacker could exploit this vulnerability by using a man-in-the-middle technique to intercept the traffic between the devices, and then using a self-signed certificate to impersonate the endpoint. A successful exploit could allow the attacker to view the intercepted traffic in clear text or alter the contents of the traffic.
Note: Cisco Expressway-E is not affected by this vulnerability.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "73A2A365-59AA-48B9-9ABF-914C2B80C7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "98BDD88B-DF43-4F7C-A6C0-1EECE9C85355",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.1.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "BE860BF8-AC42-4C10-BC65-9DBF8050E682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "C03A7AEA-8411-4693-84A9-7ADC7F08D87C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "0D98AE26-55C9-4BA7-B82C-5B328E689418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.2.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "D50E9F77-0575-43E0-AF83-9A932F4D4F73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5:*:*:*:expressway:*:*:*",
"matchCriteriaId": "9F91E793-E37D-4823-B078-DA96AB422967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "3F16B185-879A-4BA8-B4EB-B032FC8B9674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "5D58C2C4-F0CB-440A-885A-173DC9B5D32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.5.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "95FC0285-58F4-4C17-9DB0-0A495A7FE9BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6:*:*:*:expressway:*:*:*",
"matchCriteriaId": "E9BB8E50-74EF-4726-A069-C90B09201593",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.6.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "8AEF5B51-8609-40D8-A01B-6696B012FCB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7:*:*:*:expressway:*:*:*",
"matchCriteriaId": "C0DCF6AA-84C1-4B1A-80B0-6942707D9CAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "1590C980-506C-4689-AA91-6C647CC3AF28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "4E9D0839-13E1-4C95-AFEF-3071A977AB5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.7.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "6E714552-FDEF-4971-959F-3615E34E6F5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8:*:*:*:expressway:*:*:*",
"matchCriteriaId": "20A5441C-7798-4EAD-9428-6DA4EF354807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "1BE2198F-DF53-497E-9945-062ADD3787F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "0D7C383F-30E2-4F22-B35D-B73671D1BBCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.8.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "B478B2B7-269C-4813-A004-225D90715A08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9:*:*:*:expressway:*:*:*",
"matchCriteriaId": "CBEB2506-7F1B-4227-B5BD-47B28778D7AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "A000BA48-4ABC-46D4-89EB-CEA8D754B708",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.9.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "66CBF53D-4174-463A-B902-E50FF63E39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.0:*:*:*:expressway:*:*:*",
"matchCriteriaId": "BFFD53C6-D23A-4CEC-AD1C-7D6A8B920566",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "F642A732-BA7E-493F-BE62-273997AF3328",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "76688320-EE54-4662-BE15-F721EA55D5D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "7C3B3879-FCDF-4D12-9B81-24EC70FF6CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.10.4:*:*:*:expressway:*:*:*",
"matchCriteriaId": "F0B562E3-5E36-4899-A57A-90E653737B09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.0:*:*:*:expressway:*:*:*",
"matchCriteriaId": "EA6FF488-FBED-40E6-92CC-39B8749171C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "F84981B5-0E55-40D6-92F9-57C03A24A44A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "A9A37F14-5F65-4C99-A0E2-EACABEDF2286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "6F7DC504-15CA-4D44-90E5-5684F474A7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x8.11.4:*:*:*:expressway:*:*:*",
"matchCriteriaId": "36BD629F-0183-41C2-9547-08EAE359BD00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.0:*:*:*:expressway:*:*:*",
"matchCriteriaId": "26301BB9-38C0-473F-9FAF-E5DF70E29A36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "29C38DD2-E763-4B59-83C7-050D08D91637",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "684A39DB-7850-4932-922D-9E7A62FC608A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "81B09C18-F930-4B67-8309-7FA0889039C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.4:*:*:*:expressway:*:*:*",
"matchCriteriaId": "E172DA2A-37B4-4387-AE92-0F0D4F60F736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.5:*:*:*:expressway:*:*:*",
"matchCriteriaId": "D09EB9B0-5212-4E32-95E9-93BEC53B4AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.6:*:*:*:expressway:*:*:*",
"matchCriteriaId": "2221FF76-F13A-4E8D-88EB-2757AB6DCDCE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.7:*:*:*:expressway:*:*:*",
"matchCriteriaId": "FBEE5E76-A827-4031-B1C1-4961C277C5F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.8:*:*:*:expressway:*:*:*",
"matchCriteriaId": "156F7D5E-DC54-4687-B80F-3281C779135F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.5.9:*:*:*:expressway:*:*:*",
"matchCriteriaId": "8BDFCFC1-8230-4051-9B5D-73349C288E46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.6.0:*:*:*:expressway:*:*:*",
"matchCriteriaId": "98E3BF27-037E-474F-B55A-12750943499D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.6.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "9F2CF11F-735B-458F-9F2F-8E2322FC39DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.6.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "22089B78-2048-4192-826B-76AA3FAE7E22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.6.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "C826FD6A-948C-4B09-8061-E800BD6E1963",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.6.4:*:*:*:expressway:*:*:*",
"matchCriteriaId": "2CE43D3E-BC2F-4CBC-8213-13028B88B1B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.7.0:*:*:*:expressway:*:*:*",
"matchCriteriaId": "60DF84F3-B71E-4860-A6B7-61AB5D201702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x12.7.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "06852E84-8BEC-403D-BB70-07A4F51054E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.0:*:*:*:expressway:*:*:*",
"matchCriteriaId": "EDDF2FE3-585A-4A3D-9E14-A8AE02301223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.1:*:*:*:expressway:*:*:*",
"matchCriteriaId": "6C6A62AC-7214-4FB0-A2C9-82BDEE6D7C7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.2:*:*:*:expressway:*:*:*",
"matchCriteriaId": "7090851D-B154-435B-8F25-06E365334D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.3:*:*:*:expressway:*:*:*",
"matchCriteriaId": "D1A6AB08-E97C-4865-B225-0EA77AA73366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.4:*:*:*:expressway:*:*:*",
"matchCriteriaId": "0EE6F371-C8E2-4B4E-855E-882395C02801",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.5:*:*:*:expressway:*:*:*",
"matchCriteriaId": "711A5AE8-087C-4471-BA1B-C3B70EED1427",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.6:*:*:*:expressway:*:*:*",
"matchCriteriaId": "4B0339D9-9CA8-4376-A60B-94429B993E80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.7:*:*:*:expressway:*:*:*",
"matchCriteriaId": "3AA3FAD1-7F25-4D57-AA14-822CDE7FE0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.8:*:*:*:expressway:*:*:*",
"matchCriteriaId": "9F656226-EAB4-4B9D-965B-872FA62BDA26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_video_communication_server:x14.0.9:*:*:*:expressway:*:*:*",
"matchCriteriaId": "1543EF6E-9B45-4FD4-B435-6579FE7F2C54",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the certificate validation of Cisco\u0026nbsp;Expressway-C and Cisco\u0026nbsp;TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.\u0026nbsp;\u0026nbsp;The vulnerability is due to a lack of validation of the SSL server certificate that an affected device receives when it establishes a connection to a Cisco\u0026nbsp;Unified Communications Manager device. An attacker could exploit this vulnerability by using a man-in-the-middle technique to intercept the traffic between the devices, and then using a self-signed certificate to impersonate the endpoint. A successful exploit could allow the attacker to view the intercepted traffic in clear text or alter the contents of the traffic.\r\nNote: Cisco\u0026nbsp;Expressway-E is not affected by this vulnerability.Cisco\u0026nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la validaci\u00f3n de certificados de Cisco Expressway-C y Cisco TelePresence VCS podr\u00eda permitir que un atacante remoto no autenticado obtenga acceso no autorizado a datos confidenciales. La vulnerabilidad se debe a la falta de validaci\u00f3n del certificado de servidor SSL que recibe un dispositivo afectado cuando establece una conexi\u00f3n con un dispositivo Cisco Unified Communications Manager. Un atacante podr\u00eda aprovechar esta vulnerabilidad utilizando una t\u00e9cnica de intermediario para interceptar el tr\u00e1fico entre los dispositivos y, a continuaci\u00f3n, utilizando un certificado autofirmado para hacerse pasar por el punto final. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ver el tr\u00e1fico interceptado en texto plano o alterar el contenido del tr\u00e1fico. Nota: Cisco Expressway-E no se ve afectado por esta vulnerabilidad. Cisco ha publicado actualizaciones de software que solucionan esta vulnerabilidad. No existen workarounds que solucionen esta vulnerabilidad. "
}
],
"id": "CVE-2022-20814",
"lastModified": "2025-07-31T15:44:19.193",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2024-11-15T16:15:22.670",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-csrf-sqpsSfY6"
},
{
"source": "psirt@cisco.com",
"tags": [
"Not Applicable"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bng-Gmg5Gxt"
},
{
"source": "psirt@cisco.com",
"tags": [
"Not Applicable"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs4k-tl1-GNnLwC6"
},
{
"source": "psirt@cisco.com",
"tags": [
"Not Applicable"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-cdp-wnALzvT2"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…