How severe is CVE-2022-39269?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2022-39269?

This is classified as CWE-319, which is a common weakness in software security.

CVE-2022-39269 - CRITICAL Severity | CVSS 9.1

Vulnerability Description

PJSIP is a free and open source multimedia communication library written in C. When processing certain packets, PJSIP may incorrectly switch from using SRTP media transport to using basic RTP upon SRTP restart, causing the media to be sent insecurely. The vulnerability impacts all PJSIP users that use SRTP. The patch is available as commit d2acb9a in the master branch of the project and will be included in version 2.13. Users are advised to manually patch or to upgrade. There are no known workarounds for this vulnerability.

Related Vulnerabilities

CVE-2018-6017

CRITICAL

CVSS:9.1(Critical)

Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing network traffic.

CWE-3192018

CVE-2018-6018

CRITICAL

CVSS:9.1(Critical)

Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network traffic.

CWE-3192018

CVE-2019-17218

CRITICAL

CVSS:9.1(Critical)

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05. By default, the communication to the web service is unencrypted via http. An attacker is able to inte...

CWE-3192019

CVE-2020-5885

CRITICAL

CVSS:9.1(Critical)

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set up for connection mirroring in a high availability (HA) pair transfer sensitive cryptographic obj...

CWE-3192020

CVE-2020-5886

CRITICAL

CVSS:9.1(Critical)

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup for connection mirroring in a High Availability (HA) pair transfers sensitive cryptographic obj...

CWE-3192020

CVE-2021-22380

CRITICAL

CVSS:9.1(Critical)

There is a Cleartext Transmission of Sensitive Information Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service confidentiality and availability.

CWE-3192021