How severe is CVE-2022-20805?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.1 out of 10.

What type of vulnerability is CVE-2022-20805?

This is classified as CWE-693, which is a common weakness in software security.

CVE-2022-20805 - MEDIUM Severity | CVSS 4.1

Vulnerability Description

A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerability is due to how the decryption function uses the TLS Sever Name Indication (SNI) extension of an HTTP request to discover the destination domain and determine if the request needs to be decrypted. An attacker could exploit this vulnerability by sending a crafted request over TLS from a client to an unknown or controlled URL. A successful exploit could allow an attacker to bypass the decryption process of Cisco Umbrella SWG and allow malicious content to be downloaded to a host on a protected network. There are workarounds that address this vulnerability.

Related Vulnerabilities

CVE-2018-0250

MEDIUM

CVSS:4.1(Medium)

A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for Cisco Aironet 1560, 1810, 1810w, 1815, 1830, 1850, 2800, and 3800 Series APs could allow an authenticated, ...

CWE-6932018

CVE-2024-33883

MEDIUM

CVSS:4.0(Medium)

The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.

CWE-6932024

CVE-2024-11197

MEDIUM

CVSS:4.2(Medium)

The Lock User Account plugin for WordPress is vulnerable to user lock bypass in all versions up to, and including, 1.0.5. This is due to permitting application password logins when user accounts are l...

CWE-6932024

CVE-2025-0575

LOW

CVSS:3.9(Low)

A vulnerability has been found in Union Bank of India Vyom 8.0.34 on Android and classified as problematic. This vulnerability affects unknown code of the component Rooting Detection. The manipulation...

CWE-6932025

CVE-2019-12938

MEDIUM

CVSS:4.3(Medium)

The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via...

CWE-6932019

CVE-2021-1517

MEDIUM

CVSS:4.3(Medium)

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerabilit...

CWE-6932021