Cisco Telepresence Video Communication Server Expressway vulnerabilities

CVE-2021-34715 [HIGH] CWE-347 CVE-2021-34715: A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. The vulnerability is due to insufficient validation of the content of upgrade packages. An

CVE-2020-3482 [MEDIUM] CWE-284 CVE-2020-3482: A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. The vulnerability is due to improper validation of specific connection information by the TURN server within the a

CVE-2020-3596 [HIGH] CWE-789 CVE-2020-3596: A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePr A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect handling of incoming SIP traffic. An attacker could exploit t