Cisco TelePresence Video Communication Server (VCS) Software X8.5.3 Expressway Edition

CPE Details

Cisco TelePresence Video Communication Server (VCS) Software X8.5.3 Expressway Edition
cisco
telepresence_video_communication_server_software
x8.5.3
2020-08-25
13h42 +00:00
2020-08-25
13h42 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:cisco:telepresence_video_communication_server_software:x8.5.3:*:*:*:expressway:*:*:*

Informations

Vendor

cisco

Product

telepresence_video_communication_server_software

Version

x8.5.3

Software Edition

expressway

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2016-1444 2016-07-07 12h00 +00:00 The Mobile and Remote Access (MRA) component in Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7 and Expressway X8.1 through X8.6 mishandles certificates, which allows remote attackers to bypass authentication via an arbitrary trusted certificate, aka Bug ID CSCuz64601.
6.5
Medium
CVE-2016-1316 2016-02-09 01h00 +00:00 Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction with Jabber Guest, allows remote attackers to obtain sensitive call-statistics information via a direct request to an unspecified URL, aka Bug ID CSCux73362.
5.3
Medium
CVE-2015-4315 2015-08-19 22h00 +00:00 The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.3 improperly validates external DTDs, which allows remote authenticated users to read arbitrary files or cause a denial of service via a crafted XML document, aka Bug ID CSCuv31853.
5.5
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.