Tandberg
Products
4- 6 CVEs
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-2538 | Hig | 0.47 | 7.2 | 0.03 | Oct 29, 2019 | Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands. | ||
| CVE-2009-4511 | 0.03 | — | 0.05 | Apr 13, 2010 | Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2)… | |||
| CVE-2009-3947 | 0.03 | — | 0.05 | Nov 16, 2009 | Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters. | |||
| CVE-2010-1356 | 0.00 | — | 0.03 | Apr 13, 2010 | Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773. | |||
| CVE-2010-1355 | 0.00 | — | 0.01 | Apr 13, 2010 | Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316. | |||
| CVE-2009-4510 | 0.00 | — | 0.02 | Apr 13, 2010 | The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets. | |||
| CVE-2009-4509 | 0.00 | — | 0.05 | Apr 13, 2010 | The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and… |
- risk 0.47cvss 7.2epss 0.03
Cisco Video Communications Server (VCS) before X7.0.3 contains a command injection vulnerability which allows remote, authenticated attackers to execute arbitrary commands.
- CVE-2009-4511Apr 13, 2010risk 0.03cvss —epss 0.05
Multiple directory traversal vulnerabilities in the web administration interface on the TANDBERG Video Communication Server (VCS) before X5.1 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the page parameter to (1) helppage.php or (2)…
- CVE-2009-3947Nov 16, 2009risk 0.03cvss —epss 0.05
Buffer overflow in the FTP service on the Tandberg MXP F7.0 allows remote attackers to cause a denial of service (process crash or device reboot) or possibly execute arbitrary code via a long USER command, as demonstrated by a command ending with many space characters.
- CVE-2010-1356Apr 13, 2010risk 0.00cvss —epss 0.03
Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to execute arbitrary code via unknown vectors, aka Reference ID 69773.
- CVE-2010-1355Apr 13, 2010risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Reference ID 66316.
- CVE-2009-4510Apr 13, 2010risk 0.00cvss —epss 0.02
The SSH service on the TANDBERG Video Communication Server (VCS) before X5.1 uses a fixed DSA key, which makes it easier for remote attackers to conduct man-in-the-middle attacks and spoof arbitrary servers via crafted SSH packets.
- CVE-2009-4509Apr 13, 2010risk 0.00cvss —epss 0.05
The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses predictable session cookies in (1) tandberg/web/lib/secure.php and (2) tandberg/web/user/lib/secure.php, which makes it easier for remote attackers to bypass authentication, and…