CVE-2014-3368
https://notcve.org/view.php?id=CVE-2014-3368
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.2 permiten a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de una tasa alta de paquetes manipulados, también conocido como Bug ID CSCui06507. • http://secunia.com/advisories/60850 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs http://tools.cisco.com/security/center/viewAlert.x?alertId=35827 http://www.securitytracker.com/id/1031055 • CWE-399: Resource Management Errors •
CVE-2014-3369
https://notcve.org/view.php?id=CVE-2014-3369
The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252. La implementación SIP IX en Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.1.1 permite a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de paquetes SDP manipulados, también conocido como Bug ID CSCuo42252. • http://secunia.com/advisories/60850 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs http://tools.cisco.com/security/center/viewAlert.x?alertId=35828 http://www.securitytracker.com/id/1031055 • CWE-399: Resource Management Errors •
CVE-2014-3370
https://notcve.org/view.php?id=CVE-2014-3370
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.1.1 permiten a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de paquetes SIP manipulados, también conocido como Bug IDs CSCum60442 y CSCum60447. • http://secunia.com/advisories/60850 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs http://tools.cisco.com/security/center/viewAlert.x?alertId=35829 http://www.securitytracker.com/id/1031055 • CWE-399: Resource Management Errors •
CVE-2014-0675
https://notcve.org/view.php?id=CVE-2014-0675
The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471. El componenete Expressway en Cisco TelePresence Video Communication Server (VCS) usa el mismo certificado X.509 por defecto a través de diferentes instalaciones de clientes, lo que hace más sencillo para atacantes remotos llevar a cabo ataques de man-in-the-middle contra sesiones SSL mediante el aprovechamiento de la relación de confianza en el certificado, también conocido como Bug ID CSCue07471. • http://osvdb.org/102377 http://secunia.com/advisories/56621 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0675 http://tools.cisco.com/security/center/viewAlert.x?alertId=32540 http://www.securityfocus.com/bid/65101 http://www.securitytracker.com/id/1029682 https://exchange.xforce.ibmcloud.com/vulnerabilities/90650 • CWE-255: Credentials Management Errors •
CVE-2014-0662
https://notcve.org/view.php?id=CVE-2014-0662
The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. El módulo SIP en Cisco TelePresence Video Communication Server (VCS) anterior a la versión 8.1 permite a atacantes remotos provocar una denegación de servicio (fallo del proceso) a través de un mensaje SDP manipulado, también conocido como Bug ID CSCue97632. • http://osvdb.org/102363 http://secunia.com/advisories/56592 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140122-vcs http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=32409 http://www.securityfocus.com/bid/65076 http://www.securitytracker.com/id/1029655 https://exchange.xforce.ibmcloud.com/vulnerabilities/90621 • CWE-20: Improper Input Validation •