626 matches found
PT-2023-4589 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS version 14.0 Description: A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 命令注入漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
CVE-2023-20105
A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to...
CVE-2023-20192
CVE-2023-20192 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). The issue is a privilege-escalation flaw stemming from incorrect handling of password change requests, enabling an authenticated attacker with Administrator-level read-only credentials to eleva...
The vulnerability of the command-line interface (CLI) of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server (VCS) micro-programming software for device management allows a perpetrator to gain increased privileges.
The vulnerability of the command-line interface CLI of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server VCS micro-programming software for device management involves shortcomings in role-based access control. Exploiting this vulnerability can allow...
Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities
VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 CVSS score: 9.8 that cou...
多款Cisco产品 安全漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
CVE-2023-20192
Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: "Cis...
CVE-2023-20105
A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to...
PT-2023-3112 · Cisco · Cisco Telepresence Video Communication Server +1
Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series versions affected versions not specified Cisco TelePresence Video Communication Server VCS versions affected versions not specified Description: The issue is related to insufficient role-based access control in the CLI...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...
Vulnerabilities fixed in Cisco TelePresence
Cisco has fixed vulnerabilities in Telepresence Video Communication Server and Touch10 systems. A malicious party could exploit the vulnerabilities in the Telepresence VCS exploited to gain access to sensitive information through cause a Cross-Site-Request-Forgery or a Denial-of-Service. cause...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 信任管理问题漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
The vulnerability of Cisco Expressway Series and Cisco Telepresence VCS conference control devices is related to errors in the authentication process, allowing attackers to execute a “man-in-the-middle” attack.
The vulnerability of Cisco Expressway Series and Cisco Telepresence VCS conference control devices is related to errors in the authentication process for certificates. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...
CVE-2022-20812
Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco...
Cisco Expressway Series 和 Cisco TelePresence Video Communication Server 信任管理问题漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
The vulnerability of the logging component of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server micro-programming software for call management devices allows a perpetrator to disclose protected information.
The vulnerability of the logging component of Cisco Expressway microprogramming software and the Cisco TelePresence Video Communication Server microprogramming software management device relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a...
CVE-2022-20807
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...
CVE-2022-20809
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...
CVE-2022-20809
Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) have a CVE-2022-20809 vulnerability in their API and web-based management interfaces that could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. The issue...