Telepresence System Software Security Vulnerabilities and Issues — Telepresence System Software CVE List

Lucene search

CiscoTelepresence System Software

25 matches found

CVE•added 2014/09/12 1:55 a.m.•60 views

CVE-2014-3362

Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677.

7.8CVSS6.8AI score0.00773EPSS

CVE•added 2011/02/25 12:0 p.m.•47 views

CVE-2011-0379

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manage...

7.9CVSS7.9AI score0.05023EPSS

CVE•added 2011/02/25 12:0 p.m.•45 views

CVE-2011-0373

The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685.

9CVSS7.7AI score0.0163EPSS

CVE•added 2011/02/25 12:0 p.m.•45 views

CVE-2011-0377

Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.

7.8CVSS6.9AI score0.00602EPSS

CVE•added 2014/05/02 10:55 a.m.•45 views

CVE-2014-2156

Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739.

7.1CVSS7.3AI score0.00399EPSS

CVE•added 2014/05/02 10:55 a.m.•45 views

CVE-2014-2157

Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45733.

7.1CVSS7.3AI score0.00399EPSS

CVE•added 2014/05/02 10:55 a.m.•45 views

CVE-2014-2159

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722.

7.8CVSS7.3AI score0.00218EPSS

CVE•added 2011/02/25 12:0 p.m.•44 views

CVE-2011-0378

The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.

8.3CVSS8.1AI score0.01871EPSS

CVE•added 2011/02/25 12:0 p.m.•42 views

CVE-2011-0375

The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671.

9CVSS7.7AI score0.0163EPSS

CVE•added 2011/02/25 12:0 p.m.•42 views

CVE-2011-0376

The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876.

10CVSS6.3AI score0.012EPSS

CVE•added 2012/03/01 1:55 a.m.•42 views

CVE-2012-0330

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426.

7.8CVSS6.7AI score0.00427EPSS

CVE•added 2012/07/12 10:34 a.m.•41 views

CVE-2012-3073

The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a ...

7.8CVSS6.7AI score0.00475EPSS

CVE•added 2014/01/22 9:55 p.m.•41 views

CVE-2014-0661

The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a ...

8.3CVSS7.8AI score0.04042EPSS

CVE•added 2011/02/25 12:0 p.m.•40 views

CVE-2011-0374

9CVSS7.7AI score0.0163EPSS

CVE•added 2012/03/01 1:55 a.m.•40 views

CVE-2012-0331

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319.

7.5CVSS6.7AI score0.0046EPSS

CVE•added 2012/07/12 10:34 a.m.•38 views

CVE-2012-3074

An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.

8.3CVSS7.9AI score0.00904EPSS

CVE•added 2012/07/12 10:34 a.m.•38 views

CVE-2012-3075

The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.

9CVSS7.4AI score0.00619EPSS

CVE•added 2014/05/02 10:55 a.m.•38 views

CVE-2014-2158

Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720.

7.8CVSS7.3AI score0.00427EPSS

CVE•added 2014/05/02 10:55 a.m.•38 views

CVE-2014-2161

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45731.

7.8CVSS7.3AI score0.00218EPSS

CVE•added 2011/02/25 12:0 p.m.•37 views

CVE-2011-0372

The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640.

10CVSS8.1AI score0.04008EPSS

CVE•added 2012/07/12 10:34 a.m.•37 views

CVE-2012-2486

The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitr...

8.3CVSS7.7AI score0.01028EPSS

CVE•added 2013/05/31 3:55 p.m.•36 views

CVE-2013-1246

Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service (memory consumption and service outage) by establishing multiple SSH connections, aka Bug ID CSCug77610.

6.8CVSS6.5AI score0.00605EPSS

CVE•added 2014/05/02 10:55 a.m.•35 views

CVE-2014-2160

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45745.

7.8CVSS7.3AI score0.00218EPSS

CVE•added 2013/08/08 2:55 p.m.•34 views

CVE-2013-3454

Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTP...

10CVSS7.2AI score0.00838EPSS

CVE•added 2014/05/26 12:25 a.m.•31 views

CVE-2014-3274

Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM)...

4.3CVSS6.2AI score0.00382EPSS