← Back to CVE List

CVE-2022-20752

Published: 2022-07-06T21:15Z
Last Modified: 2024-11-21T06:43Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. This vulnerability is due to insufficient protection of a system password. An attacker could exploit this vulnerability by observing the time it takes the system to respond to various queries. A successful exploit could allow the attacker to determine a sensitive system password. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt