Vulnerabilities > Cisco > Telepresence Video Communication Server Software > x8.6

DATE	CVE	VULNERABILITY TITLE	RISK
2016-07-07	CVE-2016-1444	Improper Input Validation vulnerability in Cisco products The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601. network cisco CWE-20	5.8
2015-12-13	CVE-2015-6414	Information Exposure vulnerability in Cisco Telepresence Video Communication Server Software X8.6 Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which makes it easier for local users to defeat cryptographic protection mechanisms by leveraging knowledge of a key from another installation, aka Bug ID CSCuw64516. local low complexity cisco CWE-200	2.1
2015-12-13	CVE-2015-6413	Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence Video Communication Server Software X8.6 Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651. network low complexity cisco CWE-264	4.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.