Vulnerabilities > Cisco > Telepresence System 1300 Series
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-02-25 | CVE-2011-0379 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761. | 7.9 |
2011-02-25 | CVE-2011-0378 | OS Command Injection vulnerability in Cisco products The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587. | 8.3 |
2011-02-25 | CVE-2011-0377 | Resource Management Errors vulnerability in Cisco products Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605. | 7.8 |
2011-02-25 | CVE-2011-0376 | Information Exposure vulnerability in Cisco products The TFTP implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x, 1.6.0, and 1.6.1 allows remote attackers to obtain sensitive information via a GET request, aka Bug ID CSCte43876. | 10.0 |
2011-02-25 | CVE-2011-0375 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCth24671. | 9.0 |
2011-02-25 | CVE-2011-0374 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659. | 9.0 |
2011-02-25 | CVE-2011-0373 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31685. | 9.0 |
2011-02-25 | CVE-2011-0372 | OS Command Injection vulnerability in Cisco products The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31640. | 10.0 |