15 matches found
EUVD-2014-3287
Malware in sbrugna...
EUVD-2013-3389
Malware in sbrugna...
EUVD-2014-2196
Malware in sbrugna...
The vulnerability of the password-changing function of Cisco Expressway Series and Cisco Telepresence VCS devices allows attackers to increase their privileges.
The vulnerability of password-changing functions in Cisco Expressway Series and Cisco Telepresence VCS devices is related to errors in processing password-change requests. Exploiting this vulnerability can allow a malicious actor to enhance their privileges by sending specially crafted passwords...
The vulnerability of the microprogramming software of the Cisco TelePresence VCS allows a intruder to gain access to the device.
The vulnerability of the control interface for microprogrammed software in Cisco TelePresence VCS devices is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the device using a specially crafte...
Cisco TelePresence VCS and Conductor SDP Message Denial of Service Vulnerability
Cisco TelePresence is a telepresence conferencing solution developed by Cisco.Cisco Expressway is a video conferencing application. A security vulnerability in Cisco TelePresence VCS and Conductor SDP message handling allows attackers to exploit the vulnerability to submit special IPv4 or IPv6v6...
Cisco TelePresence System MXP Series Software Denial of Service Vulnerability
A vulnerability in Cisco TelePresence System MXP Series Software could allow an unauthenticated, remote attacker to cause an affected system to become unresponsive to management session requests via Telnet. The vulnerability is due to a memory leak when management flows are created. An attacker...
CVE-2014-3274
Cisco TelePresence System CTS 6.0.55 and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager UCM to...
CVE-2014-3274
Cisco TelePresence System CTS 6.0.55 and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager UCM to...
CVE-2014-2160
The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service device reload via crafted packets, aka Bug ID CSCty45745...
Cisco TelePresence System Software Command Execution
According to the self-reported device name of the remote device, it may be a Cisco TelePresence System device. Nessus cannot determine the version of the software running on this device, but it may be affected by a vulnerability that could allow an unauthorized user to execute arbitrary commands...
CVE-2014-0661
The System Status Collection Daemon SSCD in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.242, and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.411, allows remote attackers to execute arbitrary commands or cause a denial of service stack memory corruption via a crafte...
CVE-2014-0661
The CVE-2014-0661 issue affects Cisco TelePresence System software (SSCD in System Status Collection Daemon) prior to specific versions (1.10.2(42) for 500-37/1000/1300-65/3xxx; 6.0.4(11) for 500-32/1300-47/TX1310 65/TX9xxx). A crafted XML-RPC message can enable remote command execution or cause ...
Cisco Patches DoS, Buffer Overflow Vulnerabilities in UCM
Cisco has again pushed out an update for its Unified Communications Manager product, fixing several vulnerabilities that if left unpatched could lead to a denial of service attack, allow attackers to modify data or execute arbitrary commands, among other problems. The problems exist in versions...
Cisco Releases Security Advisory
Cisco has released a security advisory to address a vulnerability in the Cisco TelePresence System. This vulnerability may allow a remote attacker to access the web server via a user account created with default credentials, which gives the attacker full administrative rights to the system. US-CE...