Cisco Alert
3015Warning Date
Severity Level
Warning Number
Target Sector
17 July, 2022
● High
2022-5030
All
Cisco has released security updates to address several vulnerabilities in the following products:
- Cisco Expressway Series and Cisco TelePresence Video Communication Server
- Cisco Smart Software Manager On-Prem
- Cisco Unified Communications Products
- Cisco Unified Communications Manager
- Cisco TelePresence Collaboration Endpoint and RoomOS Software
Attacker could exploit these vulnerabilities by doing the following:
- Arbitrary File Write
- Denial of service attack (DoS)
- Unauthorized disclosure of information
- Cross-site scripting (XSS)
- Unauthorized access
The CERT team encourages users to review Cisco security advisory and apply the necessary updates:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-afr-YBFLNyzd
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-RgH7MpKA
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-xss-ksKd5yfA
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-infodisc-YOTz9Ct7
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-infodisc-YOTz9Ct7
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-access-dMKvV2DY
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-file-read-qgjhEc3A
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucm-timing-JVbHECOK
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-onprem-privesc-tP6uNZOS
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-overwrite-3buqW8LH