Filtered by vendor Cisco
Subscribe
Filtered by product Telepresence Recording Server Software
Subscribe
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-0392 | 1 Cisco | 2 Telepresence Recording Server, Telepresence Recording Server Software | 2024-02-04 | 7.5 HIGH | N/A |
Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833. | |||||
CVE-2011-0388 | 1 Cisco | 4 Telepresence Multipoint Switch, Telepresence Multipoint Switch Software, Telepresence Recording Server and 1 more | 2024-02-04 | 7.8 HIGH | N/A |
Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests, aka Bug IDs CSCtg35830 and CSCtg35825. | |||||
CVE-2011-0382 | 1 Cisco | 2 Telepresence Recording Server, Telepresence Recording Server Software | 2024-02-04 | 10.0 HIGH | N/A |
The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221. | |||||
CVE-2011-0386 | 1 Cisco | 2 Telepresence Recording Server, Telepresence Recording Server Software | 2024-02-04 | 9.3 HIGH | N/A |
The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739. | |||||
CVE-2011-2555 | 1 Cisco | 1 Telepresence Recording Server Software | 2024-02-04 | 10.0 HIGH | N/A |
Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182. | |||||
CVE-2011-0391 | 1 Cisco | 2 Telepresence Recording Server, Telepresence Recording Server Software | 2024-02-04 | 7.8 HIGH | N/A |
Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205. | |||||
CVE-2011-0385 | 1 Cisco | 4 Telepresence Multipoint Switch, Telepresence Multipoint Switch Software, Telepresence Recording Server and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth61065. | |||||
CVE-2011-0383 | 1 Cisco | 4 Telepresence Multipoint Switch, Telepresence Multipoint Switch Software, Telepresence Recording Server and 1 more | 2024-02-04 | 10.0 HIGH | N/A |
The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted request, aka Bug IDs CSCtf42005 and CSCtf42008. |