Cisco

Mediasense

8 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-6779

  • EPSS 1.28%
  • Veröffentlicht 07.06.2018 12:29:00
  • Zuletzt bearbeitet 31.07.2025 15:03:24

Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial o...

10

CVE-2017-12337

  • EPSS 13.19%
  • Veröffentlicht 16.11.2017 07:29:01
  • Zuletzt bearbeitet 31.07.2025 15:03:24

A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affected device. The vuln...

4.3

CVE-2014-0670

  • EPSS 0.54%
  • Veröffentlicht 22.01.2014 05:22:20
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCum16686.

5.8

CVE-2014-0671

  • EPSS 0.74%
  • Veröffentlicht 22.01.2014 05:22:20
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749.

4

CVE-2014-0672

  • EPSS 0.5%
  • Veröffentlicht 22.01.2014 05:22:20
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this interface.

5

CVE-2013-5502

  • EPSS 0.28%
  • Veröffentlicht 23.09.2013 10:18:59
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive query string or cookie information via unspecified vectors, aka Bug ID CSCuj23344.

4.3

CVE-2013-5500

  • EPSS 0.3%
  • Veröffentlicht 20.09.2013 16:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuj23320, CSCuj23324, CSCuj23333, and CSCuj...

4.3

CVE-2013-5501

  • EPSS 0.3%
  • Veröffentlicht 20.09.2013 16:55:07
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCuj23328.