Lucene search

K
CiscoTelepresence Video Communication Server*

18 matches found

CVE
CVE
added 2023/10/10 2:15 p.m.4773 views

CVE-2023-44487

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

7.5CVSS8AI score0.94422EPSS
In wildWeb
CVE
CVE
added 2022/07/06 9:15 p.m.1083 views

CVE-2022-20812

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco Expre...

9CVSS7.4AI score0.00109EPSS
CVE
CVE
added 2022/07/06 9:15 p.m.1010 views

CVE-2022-20813

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device. Note: Cisco Expre...

9CVSS7.7AI score0.00087EPSS
CVE
CVE
added 2022/04/06 7:15 p.m.166 views

CVE-2022-20754

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the unde...

9CVSS8AI score0.00672EPSS
CVE
CVE
added 2023/08/16 9:15 p.m.121 views

CVE-2023-20209

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code...

7.2CVSS7.5AI score0.30117EPSS
Web
CVE
CVE
added 2019/10/16 7:15 p.m.99 views

CVE-2019-12705

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected...

6.1CVSS6AI score0.00319EPSS
CVE
CVE
added 2022/04/06 7:15 p.m.94 views

CVE-2022-20755

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the unde...

9CVSS8AI score0.03268EPSS
CVE
CVE
added 2019/10/29 7:15 p.m.72 views

CVE-2011-2538

Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.

9CVSS7.3AI score0.02957EPSS
CVE
CVE
added 2019/04/18 1:29 a.m.68 views

CVE-2019-1721

A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnera...

7.7CVSS6.4AI score0.00437EPSS
CVE
CVE
added 2019/06/05 5:29 p.m.65 views

CVE-2019-1872

A vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send arbitrary network requests. The vulnerability is due to improper restrictions on network services in the af...

5.3CVSS5.4AI score0.00375EPSS
CVE
CVE
added 2020/11/18 7:15 p.m.63 views

CVE-2020-3482

A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. The vulnerability is due to improper validation of specific ...

6.5CVSS6.7AI score0.00197EPSS
CVE
CVE
added 2019/02/07 9:29 p.m.60 views

CVE-2019-1679

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. This type of attack ...

5CVSS5.2AI score0.00136EPSS
CVE
CVE
added 2019/04/18 1:29 a.m.52 views

CVE-2019-1720

A vulnerability in the XML API of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system. The vulnerability is d...

6.8CVSS5.5AI score0.00316EPSS
CVE
CVE
added 2017/10/19 8:29 a.m.51 views

CVE-2017-12287

A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to cause the CDB process on an affected system to restart unexpectedly, resulting in ...

4.3CVSS4.8AI score0.00497EPSS
CVE
CVE
added 2015/01/14 7:59 p.m.44 views

CVE-2015-0579

Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473.

5CVSS6.7AI score0.00853EPSS
CVE
CVE
added 2019/04/18 1:29 a.m.44 views

CVE-2019-1722

A vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is du...

6.5CVSS6.7AI score0.00141EPSS
CVE
CVE
added 2012/03/01 1:55 a.m.43 views

CVE-2012-0330

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426.

7.8CVSS6.7AI score0.00427EPSS
CVE
CVE
added 2012/03/01 1:55 a.m.43 views

CVE-2012-0331

Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319.

7.5CVSS6.7AI score0.0046EPSS