Show filters
27 Total Results
Displaying 21-27 of 27
Sort by:
Attacker Value
Unknown

CVE-2015-4320

Disclosure Date: August 20, 2015 (last updated October 05, 2023)
The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to obtain sensitive information by reading a log file, aka Bug ID CSCuv12340.
0
0
Attacker Value
Unknown

CVE-2015-4314

Disclosure Date: August 20, 2015 (last updated October 05, 2023)
The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 allows remote authenticated users to obtain sensitive password-hash information by reading the snapshot file, aka Bug ID CSCuv40422.
0
0
Attacker Value
Unknown

CVE-2015-4328

Disclosure Date: August 20, 2015 (last updated October 05, 2023)
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, as demonstrated by read or write operations on the Unified Communications lookup page, aka Bug ID CSCuv12552.
0
0
Attacker Value
Unknown

CVE-2015-4315

Disclosure Date: August 20, 2015 (last updated October 05, 2023)
The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.3 improperly validates external DTDs, which allows remote authenticated users to read arbitrary files or cause a denial of service via a crafted XML document, aka Bug ID CSCuv31853.
0
0
Attacker Value
Unknown

CVE-2015-4317

Disclosure Date: August 20, 2015 (last updated October 05, 2023)
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in an authentication packet, aka Bug ID CSCuv40469.
0
0
Attacker Value
Unknown

CVE-2015-0772

Disclosure Date: June 12, 2015 (last updated October 05, 2023)
Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denial of service (CPU consumption or device outage) via a crafted SDP parameter-negotiation request in an SDP session during a SIP connection, aka Bug ID CSCut42422.
0
0
Attacker Value
Unknown

CVE-2015-0752

Disclosure Date: May 29, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut27635.
0
0
View More Topics  < Previous