Cisco

Telepresence Video Communication Server Software

30 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.9

CVE-2015-4330

  • EPSS 0.15%
  • Published 02.09.2015 16:59:00
  • Last modified 12.04.2025 10:46:40

A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.

4

CVE-2015-6261

  • EPSS 0.15%
  • Published 26.08.2015 14:59:00
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP ...

5

CVE-2015-4318

  • EPSS 0.54%
  • Published 20.08.2015 15:59:00
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528.

6.5

CVE-2015-4329

  • EPSS 0.46%
  • Published 20.08.2015 10:59:10
  • Last modified 12.04.2025 10:46:40

The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796.

5.5

CVE-2015-4319

  • EPSS 0.6%
  • Published 20.08.2015 10:59:08
  • Last modified 12.04.2025 10:46:40

The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwor...

5.5

CVE-2015-4316

  • EPSS 0.46%
  • Published 20.08.2015 10:59:07
  • Last modified 12.04.2025 10:46:40

The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, which allows remote authenticated users to conduct impe...

6.5

CVE-2015-4303

  • EPSS 0.57%
  • Published 20.08.2015 10:59:06
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parameter, aka Bug ID CSCuv12333.

4

CVE-2015-4328

  • EPSS 0.24%
  • Published 20.08.2015 00:59:06
  • Last modified 12.04.2025 10:46:40

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by r...

7.2

CVE-2015-4327

  • EPSS 0.12%
  • Published 20.08.2015 00:59:04
  • Last modified 12.04.2025 10:46:40

The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542.

4

CVE-2015-4320

  • EPSS 0.2%
  • Published 20.08.2015 00:59:03
  • Last modified 12.04.2025 10:46:40

The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to obtain sensitive information by reading a log file, aka Bug ID CSCuv12340.