Lucene search
K

626 matches found

Positive Technologies
Positive Technologies
added 2023/08/16 12:0 a.m.6 views

PT-2023-4589 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS version 14.0 Description: A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS...

7.7CVSS7.4AI score0.37885EPSS
Exploits1References19
CNNVD
CNNVD
added 2023/08/16 12:0 a.m.5 views

Cisco Expressway Series和Cisco TelePresence Video Communication Server 命令注入漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

7.2CVSS7.5AI score0.37885EPSS
Exploits1References2
OSV
OSV
added 2023/06/28 3:15 p.m.4 views

CVE-2023-20105

A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to...

6.5CVSS5.8AI score0.00914EPSS
Exploits0References1
CVE
CVE
added 2023/06/28 12:0 a.m.738 views

CVE-2023-20192

CVE-2023-20192 affects Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). The issue is a privilege-escalation flaw stemming from incorrect handling of password change requests, enabling an authenticated attacker with Administrator-level read-only credentials to eleva...

9.6CVSS8.2AI score0.00656EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.6 views

The vulnerability of the command-line interface (CLI) of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server (VCS) micro-programming software for device management allows a perpetrator to gain increased privileges.

The vulnerability of the command-line interface CLI of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server VCS micro-programming software for device management involves shortcomings in role-based access control. Exploiting this vulnerability can allow...

8.4CVSS7.5AI score0.00656EPSS
Exploits0References2Affected Software2
The Hacker News
The Hacker News
added 2023/06/08 5:18 a.m.5 views

Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 CVSS score: 9.8 that cou...

9.8CVSS8.8AI score0.98281EPSS
Exploits12
CNNVD
CNNVD
added 2023/06/08 12:0 a.m.6 views

多款Cisco产品 安全漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

9.6CVSS6.8AI score0.00914EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/06/07 11:0 p.m.6 views

CVE-2023-20192

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: "Cis...

9.6CVSS7.2AI score0.00656EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/06/07 11:0 p.m.9 views

CVE-2023-20105

A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to...

9.6CVSS6.9AI score0.00914EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/06/07 12:0 a.m.4 views

PT-2023-3112 · Cisco · Cisco Telepresence Video Communication Server +1

Name of the Vulnerable Software and Affected Versions: Cisco Expressway Series versions affected versions not specified Cisco TelePresence Video Communication Server VCS versions affected versions not specified Description: The issue is related to insufficient role-based access control in the CLI...

9.6CVSS7.3AI score0.00656EPSS
Exploits0References5
CISA
CISA
added 2022/10/06 12:0 a.m.15 views

Cisco Releases Security Updates for Multiple Products

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA...

1.6AI score
Exploits0References3
NCSC
NCSC
added 2022/10/06 12:0 a.m.4 views

Vulnerabilities fixed in Cisco TelePresence

Cisco has fixed vulnerabilities in Telepresence Video Communication Server and Touch10 systems. A malicious party could exploit the vulnerabilities in the Telepresence VCS exploited to gain access to sensitive information through cause a Cross-Site-Request-Forgery or a Denial-of-Service. cause...

7.4CVSS6.8AI score0.00897EPSS
Exploits0
CNNVD
CNNVD
added 2022/10/05 12:0 a.m.7 views

Cisco Expressway Series和Cisco TelePresence Video Communication Server 信任管理问题漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

7.4CVSS5.3AI score0.00897EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.9 views

The vulnerability of Cisco Expressway Series and Cisco Telepresence VCS conference control devices is related to errors in the authentication process, allowing attackers to execute a “man-in-the-middle” attack.

The vulnerability of Cisco Expressway Series and Cisco Telepresence VCS conference control devices is related to errors in the authentication process for certificates. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...

7.4CVSS6.5AI score0.01028EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2022/07/06 9:15 p.m.5 views

CVE-2022-20812

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco...

6.5CVSS6AI score0.01795EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/07/06 12:0 a.m.5 views

Cisco Expressway Series 和 Cisco TelePresence Video Communication Server 信任管理问题漏洞

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

9CVSS6.3AI score0.01028EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/06/14 12:0 a.m.5 views

The vulnerability of the logging component of Cisco Expressway micro-programming software and the Cisco TelePresence Video Communication Server micro-programming software for call management devices allows a perpetrator to disclose protected information.

The vulnerability of the logging component of Cisco Expressway microprogramming software and the Cisco TelePresence Video Communication Server microprogramming software management device relates to the disclosure of information through registration files. Exploiting this vulnerability can allow a...

4.3CVSS6.5AI score0.00887EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2022/05/27 2:15 p.m.4 views

CVE-2022-20807

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

6.5CVSS5.8AI score0.00913EPSS
Exploits0References1
OSV
OSV
added 2022/05/26 2:15 p.m.1 views

CVE-2022-20809

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about...

6.5CVSS5.8AI score0.00887EPSS
Exploits0References1
CVE
CVE
added 2022/05/26 2:0 p.m.907 views

CVE-2022-20809

Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) have a CVE-2022-20809 vulnerability in their API and web-based management interfaces that could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. The issue...

6.5CVSS5.7AI score0.00887EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder