Filtered by vendor Cisco
Subscriptions
Filtered by product Telepresence Video Communication Server Software
Subscriptions
Total
30 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-3368 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2025-04-12 | N/A |
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. | ||||
CVE-2014-3370 | 1 Cisco | 2 Expressway Software, Telepresence Video Communication Server Software | 2025-04-12 | N/A |
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. | ||||
CVE-2015-0772 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422. | ||||
CVE-2015-4314 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422. | ||||
CVE-2015-4316 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, which allows remote authenticated users to conduct impersonation attacks via a crafted registration, aka Bug ID CSCuv40396. | ||||
CVE-2015-4327 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542. | ||||
CVE-2015-4330 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556. | ||||
CVE-2015-6410 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2025-04-12 | N/A |
The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283. | ||||
CVE-2014-0662 | 1 Cisco | 2 Telepresence Video Communication Server Software, Telepresence Video Communication Servers Software | 2025-04-11 | N/A |
The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. | ||||
CVE-2022-20853 | 1 Cisco | 2 Telepresence Video Communication Server, Telepresence Video Communication Server Software | 2024-11-18 | 7.4 High |
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the REST API to follow a crafted link. A successful exploit could allow the attacker to cause the affected system to reload. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. |