VYPR

Expressway Software

by Cisco Systems, Inc.

CVEs (42)

  • CVE-2022-20807May 27, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For…

  • CVE-2022-20806May 27, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For…

  • CVE-2022-20809May 26, 2022
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to write files or disclose sensitive information on an affected device. For…

  • CVE-2022-20755Apr 6, 2022
    risk 0.00cvss epss 0.03

    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute…

  • CVE-2022-20754Apr 6, 2022
    risk 0.00cvss epss 0.03

    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute…

  • CVE-2021-34716Aug 18, 2021
    risk 0.00cvss epss 0.02

    A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. This…

  • CVE-2021-34715Aug 18, 2021
    risk 0.00cvss epss 0.01

    A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability…

  • CVE-2020-3482Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. The vulnerability is due to improper…

  • CVE-2020-3596Oct 8, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is…

  • CVE-2019-12705Oct 16, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management…

  • CVE-2019-1872Jun 5, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series software could allow an unauthenticated, remote attacker to cause an affected system to send arbitrary network requests. The vulnerability is due to improper restrictions on…

  • CVE-2019-1854May 3, 2019
    risk 0.00cvss epss 0.04

    A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device. The vulnerability is due to insufficient input validation on the web interface. An…

  • CVE-2019-1720Apr 18, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the XML API of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected system.…

  • CVE-2019-1721Apr 18, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the phone book feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause the CPU to increase to 100% utilization, causing a denial of service (DoS) condition on an affected…

  • CVE-2019-1722Apr 18, 2019
    risk 0.00cvss epss 0.01

    A vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The…

  • CVE-2019-1679Feb 7, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host.…

  • CVE-2015-0653Mar 13, 2015
    risk 0.00cvss epss 0.04

    The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2.3.1 and XC2.4 before XC2.4.1 allows remote attackers to bypass authentication…

  • CVE-2015-0652Mar 13, 2015
    risk 0.00cvss epss 0.02

    The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remote attackers to cause a denial of service (mishandled exception and device…

  • CVE-2015-0579Jan 14, 2015
    risk 0.00cvss epss 0.02

    Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to cause a denial of service (memory and CPU consumption, and partial outage) via crafted SIP packets, aka Bug ID CSCur12473.

  • CVE-2014-3370Oct 19, 2014
    risk 0.00cvss epss 0.02

    Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.1.1 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug IDs CSCum60442 and CSCum60447.