Vulnerabilities > Cisco > Roomos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-34758 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory segment, resulting in a denial of service (DoS) condition. | 3.3 |
| 2021-05-06 | CVE-2021-1532 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. | 6.5 |
| 2020-11-18 | CVE-2020-26068 | Authorization Bypass Through User-Controlled Key vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. | 6.5 |
| 2020-09-23 | CVE-2019-15289 | Improper Input Validation vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2020-06-18 | CVE-2020-3336 | OS Command Injection vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem to cause a denial of service (DoS) or gain privileged access to the root filesystem. | 7.2 |
| 2019-11-26 | CVE-2019-15967 | Unspecified vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. | 4.4 |
| 2019-11-26 | CVE-2019-15288 | Improper Input Validation vulnerability in Cisco products A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software could allow an authenticated, remote attacker to escalate privileges to an unrestricted user of the restricted shell. | 8.8 |
| 2019-08-21 | CVE-2019-12622 | Unspecified vulnerability in Cisco products A vulnerability in Cisco RoomOS Software could allow an authenticated, local attacker to write files to the underlying filesystem with root privileges. | 5.5 |