13 matches found
CVE-2023-20090
A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to improper access control on certain CLI commands. An attacker could exploit this vulnerability by running a series of...
CVE-2022-20931
A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device. This vulnerability is due to insufficient version control. An attacker could...
CVE-2022-20793
A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification...
CVE-2022-20793 Cisco Touch 10 Device Insufficient Identity Verification Vulnerability
A vulnerability in pairing process of Cisco TelePresence CE Software and RoomOS Software for Cisco Touch 10 Devices could allow an unauthenticated, remote attacker to impersonate a legitimate device and pair with an affected device. This vulnerability is due to insufficient identity verification...
CVE-2022-20931 Cisco Touch 10 Device Downgrade Attack Vulnerability
A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the software on an affected device. This vulnerability is due to insufficient version control. An attacker could...
PT-2023-2532 · Cisco · Cisco Telepresence Ce +1
Name of the Vulnerable Software and Affected Versions: Cisco TelePresence CE and RoomOS versions affected versions not specified Description: The issue is related to improper access controls on files in the local file system, allowing an authenticated, local attacker to overwrite arbitrary files...
Cisco TelePresence CE SSRF (cisco-sa-roomos-trav-beFvCcyu)
According to its self-reported version, Cisco TelePresence Collaboration Endpoint Software is affected by a server-side request forgery SSRF vulnerability. Due to improper invalidation of user-supplied input, a local attacker could send arbitrary network requests that are sourced from the affecte...
Cisco Touch 10 安全漏洞
Cisco Touch 10 is a video conferencing system control unit from Cisco. It is designed for intuitive touch-based interaction with Webex Room Kit Series, Webex Rome Series, and Panorama Series systems, providing instant access to meetings, contacts, directories, and content. An authentication error...
CVE-2021-34758
A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service DoS condition. This vulnerability is due to insufficient...
Cisco RoomOS Software Privilege Permission and Access Control Issues Vulnerability
Cisco RoomOS Software is the United States Cisco Cisco company's set of automatic management software for Cisco devices. The software is mainly used to upgrade, manage the motherboard firmware of Cisco devices. A privilege permission and access control issue vulnerability exists in Cisco...
Multiple Cisco Products CVE-2019-15967 Local Security Bypass Vulnerability
Description Multiple Cisco Products are prone to a local security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. This issue is being tracked by Cisco Bug ID CSCvq29891. Technologi...
Cisco TelePresence CE Software CVE-2019-15274 Local Command Injection Vulnerability
Description Cisco TelePresence CE Software is prone to a local command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands. This issue being tracked by Cisco Bug IDs CSCvq29893. Technologies Affected Cisco TelePresence CE Software 8.0.0 Cisco...
Cisco TelePresence CE and TC Software 'SIP' DoS Vulnerability (cisco-sa-20170607-tele)
Cisco TelePresence Endpoint is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...