142 matches found
Cisco Expressway Series and TelePresence Video Communication Server Image Verification RCE (cisco-sa-ewver-c6WZPXRx)
According to its self-reported version, Cisco TelePresence Video Communication Server is affected by a vulnerability in the image verification function that allows an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability...
Vulnerabilities fixed in Cisco Expressway Series and TelePresence Video Communication Server
Vulnerabilities have been fixed in Cisco Expressway Series and TelePresence Video Communication Server. The vulnerabilities allow an authenticated remote malicious person to execute arbitrary code to execute under user privileges and under root privileges. Cisco has released updates to fix the...
CVE-2021-34716
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrec...
CVE-2021-34715 Cisco Expressway Series and TelePresence Video Communication Server Image Verification Vulnerability
A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 数据伪造问题漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
Cisco Expressway Series和Cisco TelePresence Video Communication Server 安全漏洞
Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc.Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...
The vulnerability of the Session Initiation Protocol (SIP) implementation in Cisco TelePresence Video Communication Server and Cisco Expressway Series devices allows a attacker to induce a service failure.
The vulnerability of the Session Initiation Protocol SIP implementation of Cisco TelePresence Video Communication Server and Cisco Expressway Series devices is related to errors in processing incoming SIP traffic. Exploiting this vulnerability can allow a malicious actor to cause service failures...
Cisco TelePresence Video Communication Server and Cisco Expressway Series Server-Side Request Forgery Vulnerability
According to its self-reported version number, the version of Cisco TelePresence Video Communication Server is affected by an input- validation flaw that allows server-side request forgery SSRF leading to arbitrary network requests from the affected device. TRUSTED...
The vulnerability of the software for Cisco TelePresence Video Communication Server and Cisco Expressway Series devices is related to errors in network service restrictions, allowing attackers to compromise the integrity of protected information.
The vulnerability of the software on Cisco TelePresence Video Communication Server and Cisco Expressway Series conference communication devices is related to errors in network service restrictions. Exploiting this vulnerability allows a malicious actor to compromise the integrity of protected...
CVE-2019-1872
A vulnerability in Cisco TelePresence Video Communication Server VCS and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send arbitrary network requests. The vulnerability is due to improper restrictions on network services in the...
The vulnerability in the web interface of the microprogramming software for Cisco TelePresence Video Communication Server and Cisco Expressway software allows a perpetrator to bypass security restrictions and access the web interface.
The vulnerability of the web interface of the microprogramming software for Cisco TelePresence Video Communication Servers and Cisco Expressway software lies in improper restrictions on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to bypass...
Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover
A critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request. Cisco Elastic Services Controller is a virtual network functions manager, which enables businesses to...
CVE-2019-1721 Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability
A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service DoS condition on an affected system. The...
CVE-2019-1721 Cisco Expressway Series and Cisco TelePresence Video Communication Server Denial of Service Vulnerability
A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service DoS condition on an affected system. The...
CVE-2019-1722
Summary: CVE-2019-1722 describes a CSRF vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS). An unauthenticated, remote attacker could trick a logged-in user into following a malicious link to perform arbitrary actions via the web...
The vulnerability in the web interface of software for Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server allows a perpetrator to compromise the integrity of protected information.
The vulnerability of the software web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server lies in insufficiently checking incoming requests. Exploiting this vulnerability allows a malicious actor to compromise the integrity of...
Cisco TelePresence Video Communication Server (VCS) Cross-Site Request Forgery Vulnerability
Cisco TelePresence Video Communication Server is a video server developed by Cisco. Cisco TelePresence Video Communication Server suffers from a cross-site request forgery vulnerability that can be exploited by an attacker to submit a special request and execute arbitrary code...
Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability
A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficien...
CVE-2018-0409
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...
Cisco TelePresence Video Communication Server Expressway Denial of Service Vulnerability (CNVD-2018-11975)
Cisco TelePresence Video Communication Server VCS Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end users using a variety of communication tools. A...