CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2016-1444
https://notcve.org/view.php?id=CVE-2016-1444
07 Jul 2016 — The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601. El componente Mobile and Remote Access (MRA) en Cisco TelePresence Video Communication Server (VCS) X8.1 hasta la versión X8.7 y Expressway X8.1 hasta la versión X8.6 no maneja correctamente los certificados, lo que perm... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160706-vcs • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 0%CPEs: 2EXPL: 0CVE-2016-1338
https://notcve.org/view.php?id=CVE-2016-1338
12 Mar 2016 — Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026. Cisco TelePresence Video Communication Server (VCS) X8.5.1 y X8.5.2 permite a usuarios remotos autenticados provocar una denegación de servicio (corte de VoIP) a través de un mensaje SIP manipulado, también conocida como Bug ID CSCuu43026. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-vcs • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 5.3EPSS: 0%CPEs: 13EXPL: 0CVE-2016-1316
https://notcve.org/view.php?id=CVE-2016-1316
09 Feb 2016 — Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362. Cisco TelePresence Video Communication Server (VCS) X8.1 hasta la versión X8.7, tal como se utiliza en conjunción con Jabber Guest, permite a atacantes remotos obtener información de estadísticas de llamada sensible a través de una petición directa a una URL n... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160208-vcs • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-6376
https://notcve.org/view.php?id=CVE-2015-6376
21 Nov 2015 — Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv72412. Vulnerabilidad de CSRF en Cisco TelePresence Video Communication Server (VCS) X8.5.1 permite a atacantes remotos secuestrar la autenticación de usuarios arbitrarios, también conocida como Bug ID CSCuv72412. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-tvcs • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-6318
https://notcve.org/view.php?id=CVE-2015-6318
12 Oct 2015 — Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969. Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 y X8.5.2 permite a usuarios locales escribir en archivos arbitrarios a través de un ataque de enlace simbolico no especificado, también conocido como Bug ID CSCuv11969. • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151007-vcs • CWE-20: Improper Input Validation •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4319
https://notcve.org/view.php?id=CVE-2015-4319
20 Aug 2015 — The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338. Vulnerabilidad en la funcionalidad de cambio de contraseña en la interfaz web administrativa en Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1, realiza autorización inadecuadamente, lo que... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40442 • CWE-255: Credentials Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2015-4314
https://notcve.org/view.php?id=CVE-2015-4314
20 Aug 2015 — The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422. Vulnerabilidad en la característica System Snapshot en Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1, permite a usuarios remotos autenticados obtener información sensible de los hash de las contraseñas mediante la lectura del archivo snapshot, también co... • http://tools.cisco.com/security/center/viewAlert.x?alertId=40439 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 1%CPEs: 3EXPL: 0CVE-2015-0652
https://notcve.org/view.php?id=CVE-2015-0652
13 Mar 2015 — The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192. La implementación Session Description Protocol (SDP) en Cisco TelePresence Video Communication Server (VCS) y Cisco Expressway anterior a X8.2 y Cisco TelePre... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150311-vcs • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3368
https://notcve.org/view.php?id=CVE-2014-3368
19 Oct 2014 — Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service (device reload) via a high rate of crafted packets, aka Bug ID CSCui06507. Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.2 permiten a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de una tasa alta de paquetes manipulados, también conocido como Bug ID CSCui06507. • http://secunia.com/advisories/60850 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3369
https://notcve.org/view.php?id=CVE-2014-3369
19 Oct 2014 — The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252. La implementación SIP IX en Cisco TelePresence Video Communication Server (VCS) y Expressway Software anterior a X8.1.1 permite a atacantes remotos causar una denegación de servicio (recarga del dispositivo) a través de paquetes SDP manipulados, también conocido como Bug ID C... • http://secunia.com/advisories/60850 • CWE-399: Resource Management Errors •