Shodan
Vulnerabilities
Vulnerable Software
Cisco:  >> Telepresence Video Communication Server Software  >> x8.5.2  Security Vulnerabilities
CVE-2016-1444
The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601.
CVSS Score
6.5
EPSS Score
0.003
Published
2016-07-07
CVE-2016-1338
Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP outage) via a crafted SIP message, aka Bug ID CSCuu43026.
CVSS Score
6.5
EPSS Score
0.006
Published
2016-03-12
CVE-2016-1316
Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362.
CVSS Score
5.3
EPSS Score
0.002
Published
2016-02-09
CVE-2015-6318
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an unspecified symlink attack, aka Bug ID CSCuv11969.
CVSS Score
6.9
EPSS Score
0.001
Published
2015-10-12
CVE-2015-4325
The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process and then triggering the restart of a process by the root account, aka Bug ID CSCuv12272.
CVSS Score
6.9
EPSS Score
0.001
Published
2015-10-12
CVE-2015-4330
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556.
CVSS Score
6.9
EPSS Score
0.002
Published
2015-09-02
CVE-2015-6261
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile and Remote Access (MRA) role and establishing a TFTP session, aka Bug ID CSCuv78531.
CVSS Score
4.0
EPSS Score
0.002
Published
2015-08-26
CVE-2015-4318
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528.
CVSS Score
5.0
EPSS Score
0.005
Published
2015-08-20
CVE-2015-4329
The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796.
CVSS Score
6.5
EPSS Score
0.005
Published
2015-08-20
CVE-2015-4316
The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, which allows remote authenticated users to conduct impersonation attacks via a crafted registration, aka Bug ID CSCuv40396.
CVSS Score
5.5
EPSS Score
0.005
Published
2015-08-20


Products
Pricing
Contact Us

Shodan ® - All rights reserved