Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Telepresence_video_communication_server
(Cisco)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 39 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2019-05-03 | CVE-2019-1854 | A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device. The vulnerability is due to insufficient input validation on the web interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to bypass security restrictions and access the web interface of a Cisco Unified... | Telepresence_video_communication_server | 4.3 | ||
2016-08-07 | CVE-2016-1468 | The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID CSCuv12531. | Telepresence_video_communication_server | 8.8 | ||
2016-05-24 | CVE-2016-1400 | Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258. | Telepresence_video_communication_server | 7.5 | ||
2015-05-29 | CVE-2015-0752 | Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635. | Telepresence_video_communication_server | N/A | ||
2015-01-14 | CVE-2015-0579 | Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473. | Telepresence_video_communication_server | N/A | ||
2014-01-23 | CVE-2014-0675 | The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471. | Telepresence_video_communication_server | N/A | ||
2012-03-01 | CVE-2012-0331 | Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319. | Telepresence_system_software, Telepresence_video_communication_server | N/A | ||
2012-03-01 | CVE-2012-0330 | Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. | Telepresence_system_software, Telepresence_video_communication_server | N/A |