CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-0652
https://notcve.org/view.php?id=CVE-2015-0652
13 Mar 2015 — The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192. La implementación Session Description Protocol (SDP) en Cisco TelePresence Video Communication Server (VCS) y Cisco Expressway anterior a X8.2 y Cisco TelePre... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-vcs • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 4%CPEs: 8EXPL: 0CVE-2015-0653
https://notcve.org/view.php?id=CVE-2015-0653
13 Mar 2015 — The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2.3.1 and XC2.4 before XC2.4.1 allows remote attackers to bypass authentication via crafted login parameters, aka Bug IDs CSCur02680 and CSCur05556. La interfaz de gestión en Cisco TelePresence Video Communication Server (VCS) y Cisco Expressway anterior a X7.2.4, X8 anterior a X8.1.2, y X8.2 anterior a X8.2.2 y ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-vcs • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0579
https://notcve.org/view.php?id=CVE-2015-0579
14 Jan 2015 — Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473. Cisco TelePresence Video Communication Server (VCS) y Cisco Expressway permite a atacantes remotos causar una denegación de servicio (consumo de memoria y CPU, y interrupción parcial) a través de paquetes SIP manipulados, también conocido como Bug ID CSCur12473. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0579 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3368
https://notcve.org/view.php?id=CVE-2014-3368
19 Oct 2014 — Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.2 permiten a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de una tasa alta de paquetes manipulados, también conocido como Bug ID CSCui06507. • http://secunia.com/advisories/60850 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3369
https://notcve.org/view.php?id=CVE-2014-3369
19 Oct 2014 — The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252. La implementación SIP IX en Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.1.1 permite a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de paquetes SDP manipulados, también conocido como Bug ID C... • http://secunia.com/advisories/60850 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3370
https://notcve.org/view.php?id=CVE-2014-3370
19 Oct 2014 — Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447. Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.1.1 permiten a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de paquetes SIP manipulados, también conocido como Bug IDs CSCum60442 y CSCum60447. • http://secunia.com/advisories/60850 • CWE-399: Resource Management Errors •
CVSS: 7.4EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0675
https://notcve.org/view.php?id=CVE-2014-0675
23 Jan 2014 — The Expressway component in Cisco TelePresence Video Communication Server (VCS) uses the same default X.509 certificate across different customers' installations, which makes it easier for remote attackers to conduct man-in-the-middle attacks against SSL sessions by leveraging the certificate's trust relationship, aka Bug ID CSCue07471. El componenete Expressway en Cisco TelePresence Video Communication Server (VCS) usa el mismo certificado X.509 por defecto a través de diferentes instalaciones de clientes,... • http://osvdb.org/102377 • CWE-255: Credentials Management Errors •
CVSS: 7.5EPSS: 2%CPEs: 10EXPL: 0CVE-2014-0662
https://notcve.org/view.php?id=CVE-2014-0662
22 Jan 2014 — The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632. El módulo SIP en Cisco TelePresence Video Communication Server (VCS) anterior a la versión 8.1 permite a atacantes remotos provocar una denegación de servicio (fallo del proceso) a través de un mensaje SDP manipulado, también conocido como Bug ID CSCue97632. • http://osvdb.org/102363 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-5444
https://notcve.org/view.php?id=CVE-2012-5444
17 Jan 2013 — Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not properly process certain search rules, which allows remote attackers to create conferences via an unspecified Conductor request, aka Bug ID CSCub67989. Cisco TelePresence Video Communication Server (VCS) vX7.0.3 no procesa correctamente ciertas reglas de búsqueda, lo que permite crear conferencias a atacantes remotos a través de una petición de Conductor no especificado. Se trata de un problema también conocido como Bug ID CSCub67989. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5444 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2012-0330
https://notcve.org/view.php?id=CVE-2012-0330
01 Mar 2012 — Cisco TelePresence Video Communication Server with software before X7.0.1 allows remote attackers to cause a denial of service (device crash) via a malformed SIP message, aka Bug ID CSCtr20426. Cisco TelePresence Video Communication Server con software anterior a vX7.0.1 permite a atacantes remotos provocar una denegación de servicio (caída de dispositivo) a través de un paquete SIP manipulado, también conocido como Bug ID CSCtr20426. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs • CWE-399: Resource Management Errors •