Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Telepresence_video_communication_server_software
(Cisco)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 29 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2015-08-26 | CVE-2015-6261 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531. | Telepresence_video_communication_server_software | N/A | ||
2015-09-02 | CVE-2015-4330 | A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556. | Telepresence_video_communication_server_software | N/A | ||
2015-08-20 | CVE-2015-4329 | The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796. | Telepresence_video_communication_server_software | N/A | ||
2015-08-19 | CVE-2015-4328 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified Communications lookup page, aka Bug ID CSCuv12552. | Telepresence_video_communication_server_software | N/A | ||
2015-08-19 | CVE-2015-4327 | The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542. | Telepresence_video_communication_server_software | N/A | ||
2015-10-12 | CVE-2015-4325 | The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process and then triggering the restart of a process by the root account, aka Bug ID CSCuv12272. | Telepresence_video_communication_server_software | N/A | ||
2015-08-19 | CVE-2015-4320 | The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to obtain sensitive information by reading a log file, aka Bug ID CSCuv12340. | Telepresence_video_communication_server_software | N/A | ||
2015-08-20 | CVE-2015-4319 | The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338. | Telepresence_video_communication_server_software | N/A | ||
2015-08-20 | CVE-2015-4318 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528. | Telepresence_video_communication_server_software | N/A | ||
2015-08-19 | CVE-2015-4317 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in an authentication packet, aka Bug ID CSCuv40469. | Telepresence_video_communication_server_software | N/A |