CVSS: 9.8EPSS: 1%CPEs: 114EXPL: 0CVE-2012-2486
https://notcve.org/view.php?id=CVE-2012-2486
12 Jul 2012 — The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953. La implementación del protocolo Cisco Discovery Protocol (CDP) en Cisco ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 109EXPL: 0CVE-2012-3073
https://notcve.org/view.php?id=CVE-2012-3073
12 Jul 2012 — The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338. ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms •
CVSS: 9.8EPSS: 4%CPEs: 108EXPL: 0CVE-2011-0379
https://notcve.org/view.php?id=CVE-2011-0379
25 Feb 2011 — Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. Desbordamien... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 5%CPEs: 19EXPL: 0CVE-2011-0383
https://notcve.org/view.php?id=CVE-2011-0383
25 Feb 2011 — The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008. Java Servlet framework en dispositivos Cisco TelePresence Recording Server devices con software v1.6.x anterior a ... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-287: Improper Authentication •
CVSS: 8.1EPSS: 0%CPEs: 17EXPL: 0CVE-2011-0387
https://notcve.org/view.php?id=CVE-2011-0387
25 Feb 2011 — The administrative web interface on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote authenticated users to cause a denial of service or have unspecified other impact via vectors involving access to a servlet, aka Bug ID CSCtf97164. La interfaz web de administración de dispositivos Cisco TelePresence Multipoint Switch (CTMS) con el software v1.0.x, v1.1.x, v1.5.x, y v1.6.x, permite a usuarios remotos autenticados causar una denegación de servicio... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2011-0388
https://notcve.org/view.php?id=CVE-2011-0388
25 Feb 2011 — Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825. Dispositivos TelePresence Recording Server con software v1.6.x y Cisco TelePresence Multipoint Switch (CTMS)... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-0389
https://notcve.org/view.php?id=CVE-2011-0389
25 Feb 2011 — Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allow remote attackers to cause a denial of service (process crash) via a crafted Real-Time Transport Control Protocol (RTCP) UDP packet, aka Bug ID CSCth60993. Dispositivos Cisco TelePresence Multipoint Switch (CTMS) con el software v1.0.x, v1.1.x, v1.5.x y v1.6.x permite a atacantes remotos provocar una denegación de servicio (caída del proceso) a través de un paquete Real-Time Transport Control Protocol (RTCP... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2011-0390
https://notcve.org/view.php?id=CVE-2011-0390
25 Feb 2011 — The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534. La implementación XML-RPC en dispositivos Cisco TelePresence Multipoint Switch (CTMS) con el software v1.0.x, v1.1.x, v1.5.x, v1.6.x, y v1.7.0 permite a atacantes remotos causar una denegación de servicio (caída del proceso) a través de una solicitud manipulada, ... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 4%CPEs: 17EXPL: 0CVE-2011-0384
https://notcve.org/view.php?id=CVE-2011-0384
25 Feb 2011 — The Java Servlet framework on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug ID CSCtf01253. El Java Servlet framework en dispositivos Cisco TelePresence Multipoint Switch (CTMS) con software v1.0.x, v1.1.x, v1.5.x, y v1.6.x no requiere autenticación administrativa para acciones no especificadas, permit... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml • CWE-287: Improper Authentication •
CVSS: 10.0EPSS: 4%CPEs: 21EXPL: 0CVE-2011-0385
https://notcve.org/view.php?id=CVE-2011-0385
25 Feb 2011 — The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065. La interfaz web de administración de dispositivos Cisco TelePresence Recording Server con el software v1.6.x y Cisco TelePresence Multipoint Switch ... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml •