Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Telepresence_video_communication_server_software
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 29 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-08-20 | CVE-2015-4316 | The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, which allows remote authenticated users to conduct impersonation attacks via a crafted registration, aka Bug ID CSCuv40396. | Telepresence_video_communication_server_software | N/A | ||
| 2015-08-19 | CVE-2015-4315 | The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.3 improperly validates external DTDs, which allows remote authenticated users to read arbitrary files or cause a denial of service via a crafted XML document, aka Bug ID CSCuv31853. | Telepresence_video_communication_server_software | N/A | ||
| 2015-08-19 | CVE-2015-4314 | The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422. | Telepresence_video_communication_server_software | N/A | ||
| 2015-08-20 | CVE-2015-4303 | Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter, aka Bug ID CSCuv12333. | Telepresence_video_communication_server_software | N/A | ||
| 2015-06-12 | CVE-2015-0772 | Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422. | Telepresence_video_communication_server_software | N/A | ||
| 2015-03-13 | CVE-2015-0652 | The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192. | Expressway_software, Telepresence_conductor, Telepresence_video_communication_server_software | N/A | ||
| 2014-10-18 | CVE-2014-3370 | Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. | Expressway_software, Telepresence_video_communication_server_software | N/A | ||
| 2014-10-18 | CVE-2014-3369 | The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252. | Expressway_software, Telepresence_video_communication_server_software | N/A | ||
| 2014-10-18 | CVE-2014-3368 | Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. | Expressway_software, Telepresence_video_communication_server_software | N/A | ||
| 2014-01-22 | CVE-2014-0662 | The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. | Telepresence_video_communication_server_software, Telepresence_video_communication_servers_software | N/A |