How severe is CVE-2022-20862?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.3 out of 10.

What type of vulnerability is CVE-2022-20862?

This is classified as CWE-23, which is a common weakness in software security.

CVE-2022-20862

MEDIUM Year: 2022

CVSS v3 Score

4.3

Medium

CVSS v2 Score

4.0

Medium

Weakness Type

CWE-23

View all →

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request that contains directory traversal character sequences to an affected system. A successful exploit could allow the attacker to access sensitive files on the operating system.

CVE-2020-5284

MEDIUM

CVSS:4.3(Medium)

Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the ...

CWE-232020

CVE-2022-22245

MEDIUM

CVSS:4.3(Medium)

A Path Traversal vulnerability in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to upload arbitrary files to the device by bypassing validation checks built into Ju...

CWE-232022

CVE-2022-30299

MEDIUM

CVSS:4.3(Medium)

A path traversal vulnerability [CWE-23] in the API of FortiWeb 7.0.0 through 7.0.1, 6.3.0 through 6.3.19, 6.4 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions may allow an authentica...

CWE-232022

CVE-2023-1043

MEDIUM

CVSS:4.3(Medium)

A vulnerability was found in MuYuCMS 2.2. It has been classified as problematic. Affected is an unknown function of the file /editor/index.php. The manipulation of the argument dir_path leads to relat...

CWE-232023

CVE-2024-12482

MEDIUM

CVSS:4.3(Medium)

A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\wetech-basic-common\src\main\jav...

CWE-232024

CVE-2024-12897

MEDIUM

CVSS:4.3(Medium)

A vulnerability was found in Intelbras VIP S3020 G2, VIP S4020 G2, VIP S4020 G3 and VIP S4320 G2 up to 20241222. It has been classified as critical. This affects an unknown part of the file ../mtd/Con...

CWE-232024

CVE-2022-20862

Vulnerability Description

Related Vulnerabilities

CVE-2020-5284

CVE-2022-22245

CVE-2022-30299

CVE-2023-1043

CVE-2024-12482

CVE-2024-12897