Skip to main content

Expressway

13 CVEs product

Monthly

CVE-2024-20255 HIGH This Week

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Expressway
NVD
CVSS 3.1
7.1
EPSS
0.6%
CVE-2024-20254 HIGH This Week

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Expressway
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-20252 HIGH This Week

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Expressway
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2022-20813 MEDIUM This Month

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Expressway Telepresence Video Communication Server
NVD
CVSS 3.1
5.9
EPSS
1.0%
CVE-2022-20812 MEDIUM This Month

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Expressway Telepresence Video Communication Server
NVD
CVSS 3.1
6.5
EPSS
1.8%
CVE-2021-34716 HIGH PATCH This Week

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco RCE Expressway Telepresence Video Communication Server
NVD
CVSS 3.1
7.2
EPSS
2.4%
CVE-2021-34715 HIGH PATCH This Week

A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Information Disclosure Jwt Attack Expressway Telepresence Video Communication Server
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2020-3482 MEDIUM This Month

A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Expressway Telepresence Video Communication Server
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-3596 HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Expressway Telepresence Video Communication Server
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2018-5390 HIGH PATCH This Week

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Virtualization Enterprise Linux Desktop Enterprise Linux Server +35
NVD
CVSS 3.1
7.5
EPSS
73.5%
CVE-2017-12287 MEDIUM This Month

A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Expressway Telepresence Conductor Telepresence Video Communication Server
NVD
CVSS 3.0
4.3
EPSS
0.5%
CVE-2017-3790 HIGH This Week

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Expressway Telepresence Video Communication Server
NVD
CVSS 3.0
8.6
EPSS
0.3%
CVE-2016-9207 MEDIUM This Month

A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Expressway
NVD
CVSS 3.0
6.5
EPSS
0.8%
EPSS 1% CVSS 7.1
HIGH This Week

A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Expressway
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Expressway
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco CSRF Expressway
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Cisco Information Disclosure Expressway +1
NVD
EPSS 2% CVSS 6.5
MEDIUM This Month

Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Expressway +1
NVD
EPSS 2% CVSS 7.2
HIGH PATCH This Week

A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco RCE Expressway +1
NVD
EPSS 1% CVSS 7.2
HIGH PATCH This Week

A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Cisco Information Disclosure Jwt Attack +2
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Expressway +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the Session Initiation Protocol (SIP) of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Expressway +1
NVD
EPSS 74% CVSS 7.5
HIGH PATCH This Week

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Linux Virtualization +37
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Expressway +2
NVD
EPSS 0% CVSS 8.6
HIGH This Week

A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Expressway +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the HTTP traffic server component of Cisco Expressway could allow an unauthenticated, remote attacker to initiate TCP connections to arbitrary hosts. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Expressway
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy