A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to exhaustion of file descriptors while processing a high volume.....
7.5CVSS
7AI Score
0.002EPSS
A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to cause the CDB process on an affected system to restart unexpectedly, resulting in....
4.3CVSS
6.9AI Score
0.001EPSS
A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. The vulnerability is....
8.6CVSS
7.3AI Score
0.004EPSS
The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5.2 allows remote authenticated users to execute arbitrary commands via crafted fields, aka Bug ID...
8.8CVSS
8.7AI Score
0.081EPSS
The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID...
6.5CVSS
6.8AI Score
0.001EPSS
Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID...
7.5CVSS
7.2AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID...
5.8AI Score
0.001EPSS
Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID...
6.8AI Score
0.003EPSS
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's...
6.7AI Score
0.004EPSS
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID...
6.8AI Score
0.001EPSS
Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID...
6.8AI Score
0.001EPSS