Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Telepresence Video Communication Server  >> x14.0.0  Security Vulnerabilities
CVE-2022-20809
Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
4.3
EPSS Score
0.003
Published
2022-05-26
CVE-2021-34716
A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This vulnerability is due to incorrect handling of certain crafted software images that are uploaded to the affected device. An attacker could exploit this vulnerability by authenticating to the system as an administrative user and then uploading specific crafted software images to the affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
CVSS Score
6.7
EPSS Score
0.011
Published
2021-08-18
CVE-2017-12287
A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to cause the CDB process on an affected system to restart unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability is due to incomplete input validation of URL requests by the REST API of the affected software. An attacker could exploit this vulnerability by sending a crafted URL to the REST API of the affected software on an affected system. A successful exploit could allow the attacker to cause the CDB process on the affected system to restart unexpectedly, resulting in a temporary DoS condition. Cisco Bug IDs: CSCve77571.
CVSS Score
4.3
EPSS Score
0.005
Published
2017-10-19
CVE-2015-0579
Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473.
CVSS Score
5.0
EPSS Score
0.009
Published
2015-01-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved