How severe is CVE-2023-20002?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.4 out of 10.

What type of vulnerability is CVE-2023-20002?

This is classified as CWE-918, which is a common weakness in software security.

CVE-2023-20002 - MEDIUM Severity | CVSS 4.4

Vulnerability Description

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to a user of the web application. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected system.

Related Vulnerabilities

CVE-2017-20106

MEDIUM

CVSS:4.4(Medium)

A vulnerability, which was classified as critical, has been found in Lithium Forum 2017 Q1. This issue affects some unknown processing of the component Compose Message Handler. The manipulation of the...

CWE-9182017

CVE-2022-44730

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / da...

CWE-9182022

CVE-2024-30420

MEDIUM

CVSS:4.4(Medium)

Server-side request forgery (SSRF) vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12 and Ver.3.0.x series versions prior to Ver.3.0.32. If this vulnerability is exploite...

CWE-9182024

CVE-2024-32454

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more –...

CWE-9182024

CVE-2024-33627

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Cusmin Absolutely Glamorous Custom Admin.This issue affects Absolutely Glamorous Custom Admin: from n/a through 7.2.2.

CWE-9182024

CVE-2024-33629

MEDIUM

CVSS:4.4(Medium)

Server-Side Request Forgery (SSRF) vulnerability in Creative Motion Auto Featured Image (Auto Post Thumbnail).This issue affects Auto Featured Image (Auto Post Thumbnail): from n/a through 4.0.0.

CWE-9182024