Vulnerability in Cisco Umbrella Insights Virtual Appliance
CVE-2022-20805
A vulnerability in the automatic decryption process in Cisco Umbrella Secure Web Gateway (SWG) could allow an authenticated, adjacent attacker to bypass the SSL decryption and content filtering policies on an affected system. This vulnerab…
EPSS: 0.000 (10.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.1 (Medium). Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N.
Affected products
- Cisco Umbrella Insights Virtual Appliance — versions n/a
Weakness classification (CWE)
References
- 20220420 Cisco Umbrella Secure Web Gateway File Decryption Bypass Vulnerability (vendor-advisory, x_refsource_CISCO)
Frequently asked questions
- What is CVE-2022-20805?
- CVE-2022-20805 is a medium-severity vulnerability in Cisco Umbrella Insights Virtual Appliance, classified under Protection Mechanism Failure. CVSS score: 4.1/10. Published 2022-04-21.
- How severe is CVE-2022-20805?
- Medium severity. CVSS v3 base score is 4.1 out of 10.