Vulnerabilities > Cisco > Telepresence System Software > 4.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-09-12 | CVE-2014-3362 | Resource Management Errors vulnerability in Cisco products Memory leak in Cisco TelePresence System Edge MXP Series Software F9.3.3 and earlier allows remote attackers to cause a denial of service (management outage) via multiple TELNET connections, aka Bug ID CSCuo63677. | 7.8 |
2014-05-26 | CVE-2014-3274 | Cryptographic Issues vulnerability in Cisco Telepresence System Software Cisco TelePresence System (CTS) 6.0(.5)(5) and earlier falls back to HTTP when certain HTTPS sessions cannot be established, which allows man-in-the-middle attackers to obtain sensitive directory information by leveraging a network position between CTS and Cisco Unified Communications Manager (UCM) to block HTTPS traffic, aka Bug ID CSCuj26326. | 4.3 |
2014-05-02 | CVE-2014-2161 | Improper Input Validation vulnerability in Cisco products The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45731. | 7.8 |
2014-05-02 | CVE-2014-2160 | Improper Input Validation vulnerability in Cisco products The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCty45745. | 7.8 |
2014-05-02 | CVE-2014-2159 | Improper Input Validation vulnerability in Cisco products The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted packets, aka Bug ID CSCtq78722. | 7.8 |
2014-05-02 | CVE-2014-2158 | Improper Input Validation vulnerability in Cisco products Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45720. | 7.8 |
2014-05-02 | CVE-2014-2157 | Improper Input Validation vulnerability in Cisco products Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45733. | 7.1 |
2014-05-02 | CVE-2014-2156 | Improper Input Validation vulnerability in Cisco products Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCty45739. | 7.1 |
2014-01-22 | CVE-2014-0661 | Code Injection vulnerability in Cisco products The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote attackers to execute arbitrary commands or cause a denial of service (stack memory corruption) via a crafted XML-RPC message, aka Bug ID CSCui32796. | 8.3 |
2012-07-12 | CVE-2012-2486 | Code Injection vulnerability in Cisco products The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953. | 8.3 |