Cisco

Telepresence Video Communication Server Software

30 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2022-20853

  • EPSS 0.49%
  • Published 15.11.2024 16:15:23
  • Last modified 31.07.2025 15:44:08

A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due ...

6.5

CVE-2016-1444

  • EPSS 0.1%
  • Published 07.07.2016 14:59:05
  • Last modified 12.04.2025 10:46:40

The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary tr...

8

CVE-2016-1338

  • EPSS 0.65%
  • Published 12.03.2016 02:59:02
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026.

5.3

CVE-2016-1316

  • EPSS 0.23%
  • Published 09.02.2016 03:59:00
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362...

4

CVE-2015-6410

  • EPSS 0.18%
  • Published 14.12.2015 03:59:03
  • Last modified 12.04.2025 10:46:40

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a u...

2.1

CVE-2015-6414

  • EPSS 0.04%
  • Published 13.12.2015 03:59:08
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which makes it easier for local users to defeat cryptographic protection mechanisms by leveraging knowledge of a key from...

4

CVE-2015-6413

  • EPSS 0.17%
  • Published 13.12.2015 03:59:07
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651.

6.8

CVE-2015-6376

  • EPSS 0.12%
  • Published 21.11.2015 11:59:14
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412.

6.9

CVE-2015-6318

  • EPSS 0.09%
  • Published 12.10.2015 10:59:09
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969.

6.9

CVE-2015-4325

  • EPSS 0.09%
  • Published 12.10.2015 10:59:04
  • Last modified 12.04.2025 10:46:40

The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process and then triggering the restart of a process by th...