Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2022-20815 Cisco Unified Communications Products Cross-Site Scripting Vulnerability

🗓️ 06 Jul 2022 20:30:51Reported by ciscoType 
cvelist
 cvelist🔗 www.cve.org👁 18 Views

A Cisco Unified Communications Manager vulnerability allows unauthenticated attackers to execute cross-site scripting attacks via crafted links, possibly leading to arbitrary script execution or access to sensitive browser information

Related
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB		CVE-2022-20815
6 Jul 202216:00
attackerkb
BDU FSTEC		The vulnerability in the web interfaces of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME), as well as Cisco Unified Communications Manager IM & Presence Service, allows a attacker to execute XSS attacks.
11 Jul 202200:00
bdu_fstec
Circl		CVE-2022-20815
7 Jul 202200:14
circl
Cisco		Cisco Unified Communications Products Cross-Site Scripting Vulnerability
6 Jul 202216:00
cisco
Tenable Nessus		Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)
14 Jul 202200:00
nessus
Tenable Nessus		Cisco Unified Communications Manager IM & Presence XSS (cisco-sa-cucm-xss-ksKd5yfA)
14 Jul 202200:00
nessus
CNNVD		Cisco Unified Communications Manager 跨站脚本漏洞
6 Jul 202200:00
cnnvd
CNVD		Cisco Unified Communications Manager Cross-Site Scripting Vulnerability (CNVD-2022-50630)
7 Jul 202200:00
cnvd
CVE		CVE-2022-20815
6 Jul 202220:30
cve
EUVD		EUVD-2022-26065
3 Oct 202520:07
euvd
Rows per page
[
  {
    "product": "Cisco Unified Communications Manager",
    "vendor": "Cisco",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
06 Jul 2022 20:30Current
6.2Medium risk
Vulners AI Score6.2
CVSS 3.16.1
EPSS0.0032
CWE-79
cisco unified communicationscross-site scriptingvulnerabilityweb-based managementinterfaceuser-supplied inputarbitrary script executionsensitive information
18