Vulnerabilities > Cisco > Telepresence TC Software > 7.3.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-08 | CVE-2017-6648 | Denial of Service vulnerability in Cisco TelePresence Endpoint A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.8 |
| 2016-11-19 | CVE-2016-6459 | OS Command Injection vulnerability in Cisco Telepresence TC Software Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. | 4.9 |
| 2016-05-05 | CVE-2016-1387 | Improper Authentication vulnerability in Cisco Telepresence TC Software The XML API in TelePresence Codec (TC) 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, and 7.3.5 and Collaboration Endpoint (CE) 8.0.0, 8.0.1, and 8.1.0 in Cisco TelePresence Software mishandles authentication, which allows remote attackers to execute control commands or make configuration changes via an API request, aka Bug ID CSCuz26935. | 9.0 |
| 2015-07-15 | CVE-2015-4271 | Improper Access Control vulnerability in Cisco Telepresence TC Software Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authentication via vectors involving multiple request parameters, aka Bug ID CSCuv00604. | 6.4 |
| 2015-06-07 | CVE-2015-0770 | Improper Input Validation vulnerability in Cisco Telepresence TC Software CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL, aka Bug ID CSCut79341. | 5.0 |