What is CVE-2022-20917?

CVE-2022-20917 is a medium-severity vulnerability in Cisco Jabber, classified under Exposure of Resource to Wrong Sphere. CVSS score: 4.3/10. Published 2023-09-15.

How severe is CVE-2022-20917?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Vulnerability in Cisco Jabber

CVE-2022-20917

A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected appl…

EPSS: 0.002 (38.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N.

Affected products

Cisco Jabber — versions 10.5(0), 10.5(1), 10.5(2)

Weakness classification (CWE)

CWE-668 — Exposure of Resource to Wrong Sphere

References

cisco-sa-jabber-xmpp-Ne9SCM

Frequently asked questions

What is CVE-2022-20917?: CVE-2022-20917 is a medium-severity vulnerability in Cisco Jabber, classified under Exposure of Resource to Wrong Sphere. CVSS score: 4.3/10. Published 2023-09-15.
How severe is CVE-2022-20917?: Medium severity. CVSS v3 base score is 4.3 out of 10.