cbcvebase.

Cisco Telepresence Recording Server Software vulnerabilities

8 known vulnerabilities affecting cisco/telepresence_recording_server_software.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL5HIGH3

Vulnerabilities

Page 1 of 1
CVE-2011-0383P2CRITICALCVSS 10.0v1.6.12011-02-25
CVE-2011-0383 [CRITICAL] CWE-287 CVE-2011-0383: The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before The Java Servlet framework on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x does not require administrative authentication for unspecified actions, which allows remote attackers to execute arbitrary code via a crafted r
nvd
CVE-2011-0382P2CRITICALCVSS 10.0v1.6.12011-02-25
CVE-2011-0382 [CRITICAL] CWE-78 CVE-2011-0382: The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 al The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2 allows remote attackers to execute arbitrary commands via a request to TCP port 443, related to a "command injection vulnerability," aka Bug ID CSCtf97221.
nvd
CVE-2011-0385P3CRITICALCVSS 10.0v1.6.1v1.6.2+1 more2011-02-25
CVE-2011-0385 [CRITICAL] CVE-2011-0385: The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x The administrative web interface on Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x allows remote attackers to create or overwrite arbitrary files, and possibly execute arbitrary code, via a crafted request, aka Bug IDs CSCth85786 and CSCth610
nvd
CVE-2011-2555P3CRITICALCVSS 10.0v1.7.22011-08-29
CVE-2011-2555 [CRITICAL] CWE-255 CVE-2011-2555: Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root admin Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182.
nvd
CVE-2011-0386P3CRITICALCVSS 9.3v1.6.1v1.6.2+3 more2011-02-25
CVE-2011-0386 [CRITICAL] CWE-94 CVE-2011-0386: The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1. The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.
nvd
CVE-2011-0392P3HIGHCVSS 7.5v1.6.1v1.6.2+1 more2011-02-25
CVE-2011-0392 [HIGH] CWE-287 CVE-2011-0392: Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an Cisco TelePresence Recording Server devices with software 1.6.x do not require authentication for an XML-RPC interface, which allows remote attackers to perform unspecified actions via a session on TCP port 8080, aka Bug ID CSCtg35833.
nvd
CVE-2011-0388P3HIGHCVSS 7.8v1.6.1v1.6.2+1 more2011-02-25
CVE-2011-0388 [HIGH] CWE-399 CVE-2011-0388: Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Sw Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x do not properly restrict remote access to the Java servlet RMI interface, which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted
nvd
CVE-2011-0391P3HIGHCVSS 7.8v1.6.1v1.6.2+1 more2011-02-25
CVE-2011-0391 [HIGH] CWE-399 CVE-2011-0391: Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a de Cisco TelePresence Recording Server devices with software 1.6.x allow remote attackers to cause a denial of service (thread consumption and device outage) via a malformed request, related to an "ad hoc recording" issue, aka Bug ID CSCtf97205.
nvd
Cisco Telepresence Recording Server Software vulnerabilities | cvebase