CVSS: 9.8EPSS: 1%CPEs: 114EXPL: 0CVE-2012-2486
https://notcve.org/view.php?id=CVE-2012-2486
12 Jul 2012 — The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953. La implementación del protocolo Cisco Discovery Protocol (CDP) en Cisco ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 109EXPL: 0CVE-2012-3073
https://notcve.org/view.php?id=CVE-2012-3073
12 Jul 2012 — The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338. ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2011-2555
https://notcve.org/view.php?id=CVE-2011-2555
29 Aug 2011 — Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182. Cisco TelePresence Recording Server v1.7.2.x antes de v1.7.2.1 tiene una contraseña por defecto para la cuenta de administrador root, lo que hace más sencillo para atacantes remotos modificar la configuración a través de una sesión SSH, también conocido como Bug ID CSCtr76182 • http://securitytracker.com/id?1025872 • CWE-255: Credentials Management Errors •
CVSS: 10.0EPSS: 5%CPEs: 19EXPL: 0CVE-2011-0383
https://notcve.org/view.php?id=CVE-2011-0383
25 Feb 2011 — The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008. Java Servlet framework en dispositivos Cisco TelePresence Recording Server devices con software v1.6.x anterior a ... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2011-0388
https://notcve.org/view.php?id=CVE-2011-0388
25 Feb 2011 — Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825. Dispositivos TelePresence Recording Server con software v1.6.x y Cisco TelePresence Multipoint Switch (CTMS)... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-0391
https://notcve.org/view.php?id=CVE-2011-0391
25 Feb 2011 — Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205. Dispositivos Cisco TelePresence Recording Server con software v1.6.x permite a atacantes remotos provocar una denegación de servicio (agotamiento del hilo y corte del dispositivo) a través de una solicitud con formato incorrecto, relacionado con problema de "ad hoc rec... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-0392
https://notcve.org/view.php?id=CVE-2011-0392
25 Feb 2011 — Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833. Dispositivos Cisco TelePresence Recording Server con software v1.6.x no requieren de autenticación para una interfaz XML-RPC, permitiendo a atacantes remotos realizar acciones no especificadas a través de una sesión en el puerto TCP 8080, tambien conocido como ID CSCtg35833. • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 5%CPEs: 2EXPL: 0CVE-2011-0382
https://notcve.org/view.php?id=CVE-2011-0382
25 Feb 2011 — The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221. El subsistema CGI en dispositivos Cisco TelePresence Recording Server con software v1.6.x anterior a v1.6.2 permite a atacantes remotos ejecutar comandos arbitrarios mediante una petición al puerto TCP 443, relacionado con una "vulnerabilidad de inyección de... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 4%CPEs: 21EXPL: 0CVE-2011-0385
https://notcve.org/view.php?id=CVE-2011-0385
25 Feb 2011 — The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065. La interfaz web de administración de dispositivos Cisco TelePresence Recording Server con el software v1.6.x y Cisco TelePresence Multipoint Switch ... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml •
CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 0CVE-2011-0386
https://notcve.org/view.php?id=CVE-2011-0386
25 Feb 2011 — The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739. La implementación XML-RPC en dispositivos Cisco TelePresence Recording Server con software v1.6.x y v1.7.x anterior a v1.7.1 permite a atacantes remotos sobreescribir archivos y ejecutar código arbitrario a través de una solicitud manipulada, también conocido como... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-94: Improper Control of Generation of Code ('Code Injection') •