CVE-2022-20815

🗓️ 06 Jul 2022 20:30:51Reported by ciscoType

cve🔗 web.nvd.nist.gov📰️ 4 Media mentions👁 78 Views

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack

Reporter	Title	Published	Views	Family All 14
ATTACKERKB	CVE-2022-20815	6 Jul 202216:00	–	attackerkb
Circl	CVE-2022-20815	7 Jul 202200:14	–	circl
Cisco	Cisco Unified Communications Products Cross-Site Scripting Vulnerability	6 Jul 202216:00	–	cisco
Tenable Nessus	Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)	14 Jul 202200:00	–	nessus
Tenable Nessus	Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)	14 Jul 202200:00	–	nessus
CNNVD	Cisco Unified Communications Manager 跨站脚本漏洞	6 Jul 202200:00	–	cnnvd
CNVD	Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2022-50630)	7 Jul 202200:00	–	cnvd
Cvelist	CVE-2022-20815 Cisco Unified Communications Products Cross-Site Scripting Vulnerability	6 Jul 202220:30	–	cvelist
EUVD	EUVD-2022-26065	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Cisco products	7 Jul 202200:00	–	ncsc

NVD

Node

cisco unified_communications_managerRange14.0–14su2

cisco unified_communications_managerRange14.0–14su2session_management

cisco unified_communications_manager_im_and_presence_serviceRange11.5(1)–11.5(1)su11

cisco unified_communications_manager_im_and_presence_serviceRange12.5(1)–12.5(1)su6

cisco unified_communications_manager_im_and_presence_serviceRange14.0–14.0su2

[
  {
    "product": "Cisco Unified Communications Manager",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]