Vulnerabilities > Cisco > Telepresence Codec C40 Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2020-09-23 CVE-2020-3143 Path Traversal vulnerability in Cisco products
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.
network
low complexity
cisco CWE-22
7.2
2020-03-04 CVE-2020-3155 Improper Certificate Validation vulnerability in Cisco products
A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section.
network
high complexity
cisco CWE-295
7.4