Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Telepresence_video_communication_server_software
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 29 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-07-07 | CVE-2016-1444 | The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601. | Telepresence_video_communication_server, Telepresence_video_communication_server_software | N/A | ||
| 2015-03-13 | CVE-2015-0653 | The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2.3.1 and XC2.4 before XC2.4.1 allows remote attackers to bypass authentication via crafted login parameters, aka Bug IDs CSCur02680 and CSCur05556. | Expressway_software, Telepresence_conductor, Telepresence_video_communication_server_software | N/A | ||
| 2016-03-12 | CVE-2016-1338 | Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026. | Telepresence_video_communication_server_software | 6.5 | ||
| 2016-02-09 | CVE-2016-1316 | Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362. | Telepresence_video_communication_server_software | 5.3 | ||
| 2015-12-13 | CVE-2015-6414 | Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which makes it easier for local users to defeat cryptographic protection mechanisms by leveraging knowledge of a key from another installation, aka Bug ID CSCuw64516. | Telepresence_video_communication_server_software | N/A | ||
| 2015-12-13 | CVE-2015-6413 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651. | Telepresence_video_communication_server_software | N/A | ||
| 2015-12-14 | CVE-2015-6410 | The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended call-reception and call-setup restrictions by spoofing a user, aka Bug ID CSCuu97283. | Telepresence_video_communication_server_software | N/A | ||
| 2015-11-21 | CVE-2015-6376 | Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412. | Telepresence_video_communication_server_software | N/A | ||
| 2015-10-12 | CVE-2015-6318 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969. | Telepresence_video_communication_server_software | N/A | ||
| 2015-08-26 | CVE-2015-6261 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531. | Telepresence_video_communication_server_software | N/A |