The Cisco Room system is a virtual data center that consists of virtual endpoints connected to one or more external physical endpoints. External endpoints are the servers to which users connect to access the Room system. These servers are vulnerable to remote code execution if they have vulnerable or unpatched versions of Cisco Unified Computing System (UCS) Software, Cisco Application Centric Infrastructure (ACI) Software, or Cisco Unified Contact Center Enterprise (CCE) Software. These endpoints are also vulnerable to path traversal attacks if they have vulnerable or unpatched versions of Cisco Unified Contact Center Enterprise (UCCE) or Cisco Unified Contact Center Express (UCCX).

Cisco UCS Platforms

The Cisco Room system is a virtual data center that consists of virtual endpoints connected to one or more external physical endpoints. External endpoints are the servers to which users connect to access the Room system. These servers are vulnerable to remote code execution if they have vulnerable or unpatched versions of Cisco Unified Computing System (UCS) Software, Cisco Application Centric Infrastructure (ACI) Software, or Cisco Unified Contact Center Enterprise (CCE) Software. These endpoints are also vulnerable to path traversal attacks if they have vulnerable or unpatched versions of Cisco Unified Contact Center Enterprise (UCCE) or Cisco Unified Contact Center Express (UCCX).

Vulnerability Overview

This vulnerability is remotely exploitable. An exploit could allow the attacker to cause a buffer overflow on the vulnerable endpoint. The attacker must authenticate to the vulnerable endpoint before exploiting this vulnerability.

Description of Vulnerable Cisco Room System

Cisco Room Systems are virtual data centers that consist of virtual endpoints connected to one or more external physical endpoints. External endpoints are the servers to which users connect to access the Room system. These servers are vulnerable to remote code execution if they have vulnerable or unpatched versions of Cisco Unified Computing System (UCS) Software, Cisco Application Centric Infrastructure (ACI) Software, or Cisco Unified Contact Center Enterprise (CCE) Software. These endpoints are also vulnerable to path traversal attacks if they have vulnerable or unpatched versions of Cisco Unified Contact Center Enterprise (UCCE) or Cisco Unified Contact Center Express (UCCX).

References:

Cisco Room system: https://www.cisco.com/c/en/us/products/collateral/routers-switches-security-systems/routers-switches-mobility-platforms/xrv-3000-series-0/-1
UCCE and UCCX: https://tools.cisco.com//go/UCMC?id=PREFIX%2F_UCCE&N=UNIQUE
UCS, ACI, and UCS Software: http://www.cisco.com/web/support/docs/ps65001557_ps6501642_ps6604159_tsd_k9xw8g2jww11nq3h6i1qiwljdzp0eo5h38z06f7i2wc2

Overview of Cisco Unified Computing System Software

Cisco Unified Computing System (UCS) Software is the server operating system for Cisco Room systems. It is a virtual machine that runs on Intel x86-compatible hardware. This software is vulnerable to remote code execution if it has vulnerable or unpatched versions of Cisco Unified Computing System Software, Cisco Application Centric Infrastructure (ACI) Software, and Cisco Unified Contact Center Enterprise (CCE) Software. These endpoints are also vulnerable to path traversal attacks if they have vulnerable or unpatched versions of Cisco Unified Contact Center Enterprise (UCCE) or Cisco Unified Contact Center Express (UCCX).

Timeline

Published on: 10/26/2022 15:15:00 UTC
Last modified on: 10/31/2022 17:29:00 UTC

References