CVE-2022-20634 Cisco Enterprise Chat and Email Open Redirect Vulnerability

🗓️ 15 Nov 2024 16:02:16Reported by ciscoType

Cisco ECE Open Redirect Vulnerabilit

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability in the web interface for controlling Cisco Enterprise Chat and Email allows attackers to carry out phishing attacks.	1 Feb 202200:00	–	bdu_fstec
Cisco	Cisco Enterprise Chat and Email Vulnerabilities	12 Jan 202216:00	–	cisco
CNNVD	Cisco Enterprise Chat and Email 输入验证错误漏洞	12 Jan 202200:00	–	cnnvd
CVE	CVE-2022-20634	15 Nov 202416:02	–	cve
EUVD	EUVD-2022-25884	3 Oct 202520:07	–	euvd
NVD	CVE-2022-20634	15 Nov 202416:15	–	nvd
OSV	CVE-2022-20634	15 Nov 202416:15	–	osv
Positive Technologies	PT-2022-1433 · Cisco · Cisco Ece	12 Jan 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-20634	22 May 202521:50	–	redhatcve
Vulnrichment	CVE-2022-20634 Cisco Enterprise Chat and Email Open Redirect Vulnerability	15 Nov 202416:02	–	vulnrichment

[
  {
    "vendor": "Cisco",
    "product": "Cisco Enterprise Chat and Email",
    "versions": [
      {
        "version": "11.6(1)_ES3",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES4",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES6",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES8",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES5a",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES9",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES6_ET1",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES6",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES5",
        "status": "affected"
      },
      {
        "version": "12.5(1)_ET1",
        "status": "affected"
      },
      {
        "version": "12.5(1)",
        "status": "affected"
      },
      {
        "version": "12.5(1)_ES3_ET1",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES3",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES11",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES4",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES5",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES2",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES9a",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES10",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES1",
        "status": "affected"
      },
      {
        "version": "12.0(1)",
        "status": "affected"
      },
      {
        "version": "12.5(1)_ES3",
        "status": "affected"
      },
      {
        "version": "12.6(1)",
        "status": "affected"
      },
      {
        "version": "11.5(1)",
        "status": "affected"
      },
      {
        "version": "12.0(1)_ES2",
        "status": "affected"
      },
      {
        "version": "11.6(1)_ES7",
        "status": "affected"
      },
      {
        "version": "12.5(1)_ES2",
        "status": "affected"
      },
      {
        "version": "12.6(1)_ET1",
        "status": "affected"
      },
      {
        "version": "11.6(1)",
        "status": "affected"
      },
      {
        "version": "12.5(1)_ES1",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-multivulns-kbK2yVhR

15 Nov 2024 16:02Current

CVSS 3.14.7

EPSS0.00572