CVE-2022-20806

Name of the Vulnerable Software and Affected Versions Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the API and web-based management interfaces of the affected devices. These vulnerabilities could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. The vulnerability exists due to insufficient input validation in the API interface of the software.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.