

Severity
Medium
Analysis Summary
CVE-2022-20952
Cisco AsyncOS Software for Cisco Secure Web Appliance could allow a remote attacker to bypass security restrictions, caused by improper detection of specially-crafted, encoded traffic by the scanning engines. By connecting through an affected device to a malicious server and receiving specially-crafted HTTP responses, an attacker could exploit this vulnerability to bypass an explicit block rule and receive traffic that should have been rejected by the device.
Impact
Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-20952
Affected Vendors
Cisco
Affected Products
Cisco AsyncOS for Secure Web Appliance
Remediation
Refer to the Cisco Security Advisory for patch, upgrade, or suggested workaround information.