Cisco Telepresence Video Communication Server Software — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Telepresence Video Communication Server Software, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (29)
CVE-2015-0653 — CVSS 10.0 (critical): The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and…
CVE-2015-0652 — CVSS 7.8 (high): The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before…
CVE-2014-3368 — CVSS 7.8 (high): Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow remote attackers to cause a denial of service…
CVE-2015-4327 — CVSS 7.2 (high): The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing…
CVE-2015-0772 — CVSS 7.1 (high): Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device…
CVE-2014-3369 — CVSS 7.1 (high): The SIP IX implementation in Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allows remote…
CVE-2014-3370 — CVSS 7.1 (high): Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of…
CVE-2014-0662 — CVSS 7.1 (high): The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service…
CVE-2015-4330 — CVSS 6.9 (medium): A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS…
CVE-2015-6318 — CVSS 6.9 (medium): Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users to write to arbitrary files via an…
CVE-2015-4325 — CVSS 6.9 (medium): The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain…
CVE-2015-6376 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to…
CVE-2016-1444 — CVSS 6.5 (medium): The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1…
CVE-2015-4303 — CVSS 6.5 (medium): Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context…
CVE-2015-4329 — CVSS 6.5 (medium): The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute…
CVE-2016-1338 — CVSS 6.5 (medium): Cisco TelePresence Video Communication Server (VCS) X8.5.1 and X8.5.2 allows remote authenticated users to cause a denial of service (VoIP…
CVE-2015-4319 — CVSS 5.5 (medium): The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1…
CVE-2015-4316 — CVSS 5.5 (medium): The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2…
CVE-2015-4315 — CVSS 5.5 (medium): The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.3 improperly validates external…
CVE-2016-1316 — CVSS 5.3 (medium): Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to…
CVE-2015-4317 — CVSS 5.0 (medium): Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid…
CVE-2015-4318 — CVSS 5.0 (medium): Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid…
CVE-2015-6410 — CVSS 4.0 (medium): The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity…
CVE-2015-6413 — CVSS 4.0 (medium): Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only…
CVE-2015-4328 — CVSS 4.0 (medium): Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which…
CVE-2015-4314 — CVSS 4.0 (medium): The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to…
CVE-2015-6261 — CVSS 4.0 (medium): Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access…
CVE-2015-4320 — CVSS 4.0 (medium): The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated…
CVE-2015-6414 — CVSS 2.1 (low): Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which…