- EPSS 2.84%
- Veröffentlicht 13.04.2010 17:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to by...
CVE-2009-4510
- EPSS 0.65%
- Veröffentlicht 13.04.2010 17:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.
- EPSS 1.71%
- Veröffentlicht 13.04.2010 17:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) hel...
CVE-2010-1355
- EPSS 0.23%
- Veröffentlicht 13.04.2010 17:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316.
- EPSS 2.37%
- Veröffentlicht 13.04.2010 17:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773.