CVSS: 9.8EPSS: 5%CPEs: 39EXPL: 0CVE-2014-0661
https://notcve.org/view.php?id=CVE-2014-0661
22 Jan 2014 — The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796. El System Status Collection Daemon (SSCD) de Cisco TelePresence System 500-37, 1000, 1300-65, y 3xxx anterior a la versión 1.10.2(42), y 500-32, 1300-47, TX1310 65, ... • http://osvdb.org/102362 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 84EXPL: 0CVE-2013-3454
https://notcve.org/view.php?id=CVE-2013-3454
08 Aug 2013 — Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128. Cisco TelePresence System Software v1.10.1 y anteriores en dispositivos 500, 13X0, 1X00, 30X0, y 3X00, y v6.0.3 y anteriores en dispositivos TX 9X00, tiene una contraseña predete... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130807-tp • CWE-255: Credentials Management Errors •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1246
https://notcve.org/view.php?id=CVE-2013-1246
31 May 2013 — Cisco TelePresence System Software does not properly handle inactive t-shell sessions, which allows remote authenticated users to cause a denial of service (memory consumption and service outage) by establishing multiple SSH connections, aka Bug ID CSCug77610. Cisco TelePresence System Software no gestiona de forma adecuada las sesiones t-shell inactivas, lo que permite a usuarios remotos autenticados provocar una denegación de servicio (consumo de memoria y corte de servicio) al establecer múltiples conexi... • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1246 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 1%CPEs: 114EXPL: 0CVE-2012-2486
https://notcve.org/view.php?id=CVE-2012-2486
12 Jul 2012 — The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953. La implementación del protocolo Cisco Discovery Protocol (CDP) en Cisco ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 109EXPL: 0CVE-2012-3073
https://notcve.org/view.php?id=CVE-2012-3073
12 Jul 2012 — The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338. ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms •
CVSS: 9.8EPSS: 0%CPEs: 42EXPL: 0CVE-2012-3074
https://notcve.org/view.php?id=CVE-2012-3074
12 Jul 2012 — An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382. Una API no especificado en dispositivos Cisco TelePresence Immersive Endpoint anterior a v1.9.1 permite a atacantes remotos ejecutar comandos arbitrarios mediante el envío de una solicitud mal formada al puerto TCP 61460, también conocido como error ID CSCtz38382. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 33EXPL: 0CVE-2012-3075
https://notcve.org/view.php?id=CVE-2012-3075
12 Jul 2012 — The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724. La interfaz web de administración en Cisco TelePresence Immersive Endpoint Devices anterior a v1.7.4 permite a usuarios remotos autenticados ejecutar código arbitrario a través de una petición TCP mal formada al puerto 443, también conocido como Bug ID CSCtn99724 • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-cts • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2012-0330
https://notcve.org/view.php?id=CVE-2012-0330
01 Mar 2012 — Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. Cisco TelePresence Video Communication Server con software anterior a vX7.0.1 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de un paquete SIP manipulado, también conocido como Bug ID CSCtr20426. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2012-0331
https://notcve.org/view.php?id=CVE-2012-0331
01 Mar 2012 — Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a crafted SIP packet, as demonstrated by a SIP INVITE message from a Tandberg device, aka Bug ID CSCtq73319. Cisco TelePresence Video Communication Server con software anterior a v7.0.1 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de un paquete SIP manipulado, como se demostró con un mensaje SIP INVITE desde un di... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 2%CPEs: 7EXPL: 2CVE-2011-2544 – Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-2544
23 Sep 2011 — Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a crafted Call ID, as demonstrated by resultant cross-site request forgery (CSRF) attacks that change passwords or cause a denial of service, aka Bug ID CSCtq46488. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en la interfaz web de Cisco TelePresence System MXP Serie F9.1 y anteriores, p... • https://www.exploit-db.com/exploits/17871 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •