Cisco: >> Telepresence Video Communication Servers Software Security Vulnerabilities
The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632.
CVSS Score
7.1
EPSS Score
0.018
Published
2014-01-22
Cisco TelePresence Video Communication Server (VCS) X7.0.3 does not properly process certain search rules, which allows remote attackers to create conferences via an unspecified Conductor request, aka Bug ID CSCub67989.
CVSS Score
5.0
EPSS Score
0.002
Published
2013-01-17
Cross-site scripting (XSS) vulnerability in the login page in the administrative interface on Cisco TelePresence Video Communication Servers (VCS) with software before X7.0 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header, aka Bug ID CSCts80342.
CVSS Score
4.3
EPSS Score
0.005
Published
2011-10-19