The vulnerability of the Cisco Discovery Protocol implementation in Cisco Unified Communications Manager (CM) and Cisco Unified Communications Manager Session Management Edition (SME) systems allows a attacker to cause service interruptions.

🗓️ 13 May 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

CDP flaw in Cisco Unified Communications Manager and Session Management Edition enables remote service disruptions due to insufficient state checks.

Reporter	Title	Published	Views	Family All 13
ATTACKERKB	CVE-2022-20804	20 Apr 202223:00	–	attackerkb
Circl	CVE-2022-20804	21 Apr 202222:27	–	circl
Cisco	Cisco Unified Communications Products Denial of Service Vulnerability	20 Apr 202216:00	–	cisco
Tenable Nessus	Cisco Unified Communications Products DoS (cisco-sa-ucm-dos-zHS9X9kD)	28 Apr 202200:00	–	nessus
CNNVD	Cisco Unified Communications Manager 代码问题漏洞	20 Apr 202200:00	–	cnnvd
CNVD	Cisco Unified CM and Unified CM SME Denial of Service Vulnerability	22 Apr 202200:00	–	cnvd
CVE	CVE-2022-20804	21 Apr 202218:50	–	cve
Cvelist	CVE-2022-20804 Cisco Unified Communications Products Denial of Service Vulnerability	21 Apr 202218:50	–	cvelist
EUVD	EUVD-2022-26054	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco products	21 Apr 202200:00	–	ncsc

Vulners

Node

cisco_systems cisco_unified_communications_managerRange<14su1

OR

cisco_systems cisco_unified_communications_manager_smeRange<14su1

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-dos-zHS9X9kD
vuldb	www.vuldb.com/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022042132
web	www.web.nvd.nist.gov/view/vuln/detail

13 May 2022 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 26.1

CVSS 36.5

EPSS0.00101

Cisco Discovery Protocol Cisco Unified Communications Manager Cisco Unified Communications Manager Session Management Edition remote service disruptions insufficient state checks