5 matches found
CVE-2015-0653
CVE-2015-0653 affects Cisco TelePresence VCS/Expressway, Cisco TelePresence Conductor, and XC2.4-era components, where the management interfaces allow remote authentication bypass via crafted login parameters. The root cause is inadequate validation of login parameters, enabling an attacker with ...
CVE-2015-0652
CVE-2015-0652 affects Cisco TelePresence VCS, Cisco Expressway (before X8.2) and Cisco TelePresence Conductor (before XC2.4). The SDP packet handler vulnerability allows a remote, unauthenticated attacker to cause a denial of service (mishandled exception and device reload) via a crafted SDP medi...
CVE-2014-3370
CVE-2014-3370 affects Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software predating X8.1.1. A vulnerability in the SIP processing/module allows remote attackers to trigger a denial of service (device reload) via crafted SIP packets (Bug IDs CSCum60442, CSCum60447). D...
CVE-2014-3369
Cisco TelePresence Video Communication Server (VCS) and Expressway Software prior to X8.1.1 are affected by a DoS vulnerability in the SIP IX implementation triggered by specially crafted SDP packets, causing a device reload. The issue is tied to CSCuo42252 (SIP IX) and is addressed by Cisco in a...
CVE-2014-3368
Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software, versions prior to X8.2, are affected by CVE-2014-3368. A flaw in packet processing when handling a high rate of crafted IP packets can remotely cause a denial of service by triggering a device reload. Exploitation ...