Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Telepresence System Software  >> 1.10.3(41)  Security Vulnerabilities
CVE-2014-3362
Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677.
CVSS Score
7.8
EPSS Score
0.008
Published
2014-09-12
CVE-2014-3274
Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-05-26
CVE-2014-2157
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45733.
CVSS Score
7.1
EPSS Score
0.004
Published
2014-05-02
CVE-2014-2158
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720.
CVSS Score
7.8
EPSS Score
0.004
Published
2014-05-02
CVE-2014-2159
The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722.
CVSS Score
7.8
EPSS Score
0.002
Published
2014-05-02
CVE-2014-2160
The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45745.
CVSS Score
7.8
EPSS Score
0.002
Published
2014-05-02
CVE-2014-2161
The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45731.
CVSS Score
7.8
EPSS Score
0.002
Published
2014-05-02
CVE-2014-2156
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739.
CVSS Score
7.1
EPSS Score
0.004
Published
2014-05-02
CVE-2014-0661
The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796.
CVSS Score
8.3
EPSS Score
0.048
Published
2014-01-22
CVE-2013-3454
Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.
CVSS Score
10.0
EPSS Score
0.008
Published
2013-08-08


Products
Pricing
Contact Us

Shodan ® - All rights reserved