VYPR

Mobility Services Engine

by Cisco Systems, Inc.

CVEs (8)

  • CVE-2015-6313HigApr 6, 2016
    risk 0.49cvss 7.5epss 0.03

    Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP…

  • CVE-2015-6312HigApr 6, 2016
    risk 0.49cvss 7.5epss 0.02

    Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and 320, and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (device reload) via malformed STUN packets, aka Bug ID CSCuv01348.

  • CVE-2016-9197MedApr 7, 2017
    risk 0.44cvss 6.7epss 0.00

    A vulnerability in the CLI command parser of the Cisco Mobility Express 2800 and 3800 Series Wireless LAN Controllers could allow an authenticated, local attacker to obtain access to the underlying operating system shell with root-level privileges. More Information: CSCvb70351.…

  • CVE-2015-6316Nov 6, 2015
    risk 0.00cvss epss 0.02

    The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID…

  • CVE-2015-4282Nov 6, 2015
    risk 0.00cvss epss 0.00

    Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary files, which allows local users to obtain root privileges by writing to a file, aka Bug ID CSCuv40504.

  • CVE-2015-4263Jul 10, 2015
    risk 0.00cvss epss 0.01

    The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) allows remote authenticated users to obtain sensitive information by reading log files, aka Bug ID CSCut36851.

  • CVE-2015-0673Mar 26, 2015
    risk 0.00cvss epss 0.01

    Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenticated users to discover the passwords of arbitrary users by (1) reading log files or (2) using an unspecified GUI feature, aka Bug ID CSCut24792.

  • CVE-2013-3469Sep 4, 2013
    risk 0.00cvss epss 0.02

    Cisco Mobility Services Engine does not properly set up the Oracle SSL service, which allows remote attackers to obtain an unauthenticated session to the database-replication port, and consequently obtain sensitive information, via an SSL connection, aka Bug ID CSCue50794.