Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Telepresence Video Communication Server Software
Total 29 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4317 1 Cisco 1 Telepresence Video Communication Server Software 2025-04-12 5.0 MEDIUM N/A
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in an authentication packet, aka Bug ID CSCuv40469.
CVE-2015-0652 1 Cisco 3 Expressway Software, Telepresence Conductor, Telepresence Video Communication Server Software 2025-04-12 7.8 HIGH N/A
The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device reload) via a crafted media description, aka Bug IDs CSCus96593 and CSCun73192.
CVE-2016-1444 1 Cisco 2 Telepresence Video Communication Server, Telepresence Video Communication Server Software 2025-04-12 5.8 MEDIUM 6.5 MEDIUM
The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601.
CVE-2015-4319 1 Cisco 1 Telepresence Video Communication Server Software 2025-04-12 5.5 MEDIUM N/A
The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338.
CVE-2015-4329 1 Cisco 1 Telepresence Video Communication Server Software 2025-04-12 6.5 MEDIUM N/A
The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID CSCuv11796.
CVE-2015-0772 1 Cisco 1 Telepresence Video Communication Server Software 2025-04-12 7.1 HIGH N/A
Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422.
CVE-2015-0653 1 Cisco 3 Expressway Software, Telepresence Conductor, Telepresence Video Communication Server Software 2025-04-12 10.0 HIGH N/A
The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2.3.1 and XC2.4 before XC2.4.1 allows remote attackers to bypass authentication via crafted login parameters, aka Bug IDs CSCur02680 and CSCur05556.
CVE-2014-3369 1 Cisco 2 Expressway Software, Telepresence Video Communication Server Software 2025-04-12 7.1 HIGH N/A
The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote attackers to cause a denial of service (device reload) via crafted SDP packets, aka Bug ID CSCuo42252.
CVE-2014-0662 1 Cisco 2 Telepresence Video Communication Server Software, Telepresence Video Communication Servers Software 2025-04-11 7.1 HIGH N/A
The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID CSCue97632.