Cisco

Telepresence Video Communication Server

39 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2022-20853

  • EPSS 0.44%
  • Veröffentlicht 15.11.2024 16:15:23
  • Zuletzt bearbeitet 31.07.2025 15:44:08

A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due ...

7.4

CVE-2022-20814

  • EPSS 0.23%
  • Veröffentlicht 15.11.2024 16:15:22
  • Zuletzt bearbeitet 31.07.2025 15:44:19

A vulnerability in the certificate validation of Cisco Expressway-C and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to gain unauthorized access to sensitive data.  The vulnerability is due to a lack of v...

6.7

CVE-2024-20492

  • EPSS 0.16%
  • Veröffentlicht 02.10.2024 17:15:17
  • Zuletzt bearbeitet 08.10.2024 16:07:26

A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the...

4.7

CVE-2024-20400

  • EPSS 0.89%
  • Veröffentlicht 17.07.2024 17:15:13
  • Zuletzt bearbeitet 31.07.2025 16:40:38

A vulnerability in the web-based management interface of Cisco Expressway Series could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request par...

7.5

CVE-2023-44487

Warnung Medienbericht Exploit
  • EPSS 94.44%
  • Veröffentlicht 10.10.2023 14:15:10
  • Zuletzt bearbeitet 11.06.2025 17:29:54

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.2

CVE-2023-20209

  • EPSS 30.12%
  • Veröffentlicht 16.08.2023 21:15:09
  • Zuletzt bearbeitet 21.11.2024 07:40:50

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command ...

7.7

CVE-2023-20192

  • EPSS 0.21%
  • Veröffentlicht 28.06.2023 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:40:47

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-wr...

6.5

CVE-2023-20105

  • EPSS 0.1%
  • Veröffentlicht 28.06.2023 15:15:09
  • Zuletzt bearbeitet 21.11.2024 07:40:33

A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on...

8.5

CVE-2022-20812

  • EPSS 0.11%
  • Veröffentlicht 06.07.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:36

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning...

5.9

CVE-2022-20813

  • EPSS 0.09%
  • Veröffentlicht 06.07.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 06:43:36

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning...