CVSS: 9.8EPSS: 1%CPEs: 114EXPL: 0CVE-2012-2486
https://notcve.org/view.php?id=CVE-2012-2486
12 Jul 2012 — The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953. La implementación del protocolo Cisco Discovery Protocol (CDP) en Cisco ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 109EXPL: 0CVE-2012-3073
https://notcve.org/view.php?id=CVE-2012-3073
12 Jul 2012 — The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338. ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctms •
CVSS: 9.8EPSS: 3%CPEs: 6EXPL: 0CVE-2011-0386
https://notcve.org/view.php?id=CVE-2011-0386
25 Feb 2011 — The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739. La implementación XML-RPC en dispositivos Cisco TelePresence Recording Server con software v1.6.x y v1.7.x anterior a v1.7.1 permite a atacantes remotos sobreescribir archivos y ejecutar código arbitrario a través de una solicitud manipulada, también conocido como... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml • CWE-94: Improper Control of Generation of Code ('Code Injection') •