Vulnerabilities > Cisco > Telepresence Collaboration Endpoint > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-20 | CVE-2023-20002 | Server-Side Request Forgery (SSRF) vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. This vulnerability is due to improper validation of user-supplied input. | 4.4 |
2022-10-26 | CVE-2022-20776 | Path Traversal vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 6.7 |
2022-10-26 | CVE-2022-20953 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write arbitrary files on an affected device. | 5.5 |
2022-07-06 | CVE-2022-20768 | Information Exposure Through Log Files vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. | 4.9 |
2022-05-04 | CVE-2022-20794 | Open Redirect vulnerability in Cisco Telepresence Collaboration Endpoint Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. | 4.7 |
2021-05-06 | CVE-2021-1532 | Path Traversal vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary files from the underlying operating system. | 6.5 |
2020-11-18 | CVE-2020-26068 | Authorization Bypass Through User-Controlled Key vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. | 6.5 |
2020-11-06 | CVE-2020-26086 | Exposure of Resource to Wrong Sphere vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. | 4.3 |
2019-11-26 | CVE-2019-15967 | Unspecified vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. | 4.4 |
2019-10-16 | CVE-2019-15962 | Incorrect Default Permissions vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. | 4.4 |