CVSS: 6.1EPSS: 2%CPEs: 7EXPL: 2CVE-2011-2544 – Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-2544
23 Sep 2011 — Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP Series F9.1 and earlier allows remote authenticated users to inject arbitrary web script or HTML via a crafted Call ID, as demonstrated by resultant cross-site request forgery (CSRF) attacks that change passwords or cause a denial of service, aka Bug ID CSCtq46488. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en la interfaz web de Cisco TelePresence System MXP Serie F9.1 y anteriores, p... • https://www.exploit-db.com/exploits/17871 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 18%CPEs: 19EXPL: 2CVE-2011-2577 – Cisco TelePresence SOS-11-010 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2011-2577
31 Aug 2011 — Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500. Una vulnerabilidad no especificada en TelePresence C Series Endpoints de Cisco, unidades E/EX Personal Video, y MXP Series Codecs, cuando se utilizan las versiones de software anterior a versiones 4.0.0 o F9.1... • https://www.exploit-db.com/exploits/17871 •