How severe is CVE-2022-20764?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2022-20764?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2022-20764

HIGH Year: 2022

CVSS v3 Score

8.1

High

CVSS v2 Score

5.5

Medium

Weakness Type

CWE-601

View all →

Vulnerability Description

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. For more information about these vulnerabilities, see the Details section of this advisory.

CVE-2016-5385

HIGH

CVSS:8.1(High)

PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY envir...

CWE-6012016

CVE-2018-1251

HIGH

CVSS:8.1(High)

Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unit...

CWE-6012018

CVE-2018-13813

HIGH

CVSS:8.1(High)

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mob...

CWE-6012018

CVE-2023-25734

HIGH

CVSS:8.1(High)

After downloading a Windows <code>.url</code> shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This ...

CWE-6012023

CVE-2024-22243

HIGH

CVSS:8.1(High)

Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open ...

CWE-6012024

CVE-2024-22259

HIGH

CVSS:8.1(High)

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be v...

CWE-6012024

CVE-2022-20764

Vulnerability Description

Related Vulnerabilities

CVE-2016-5385

CVE-2018-1251

CVE-2018-13813

CVE-2023-25734

CVE-2024-22243

CVE-2024-22259