Skip to main content

Roomos

17 CVEs product

Monthly

CVE-2023-20008 HIGH This Week

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Roomos Telepresence Collaboration Endpoint Telepresence Tc
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2023-20002 MEDIUM This Month

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

SSRF Cisco Roomos Telepresence Collaboration Endpoint
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2022-20955 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2022-20954 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2022-20953 MEDIUM This Month

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2022-20811 HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-20776 MEDIUM This Month

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
6.7
EPSS
0.5%
CVE-2022-20794 MEDIUM This Month

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Open Redirect Information Disclosure Telepresence Collaboration Endpoint +1
NVD
CVSS 3.1
4.7
EPSS
0.7%
CVE-2022-20764 HIGH This Week

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Open Redirect Information Disclosure Telepresence Collaboration Endpoint +1
NVD
CVSS 3.1
8.1
EPSS
1.0%
CVE-2022-20783 HIGH This Week

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2021-34758 LOW Monitor

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2021-1532 MEDIUM This Month

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
6.5
EPSS
1.4%
CVE-2020-26068 MEDIUM This Month

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Roomos Telepresence Collaboration Endpoint
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2020-3336 HIGH This Week

A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Command Injection Roomos Telepresence Collaboration Endpoint
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2019-15967 MEDIUM This Month

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
4.4
EPSS
0.3%
CVE-2019-15288 HIGH This Week

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software could allow an authenticated, remote attacker to escalate. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Telepresence Codec Telepresence Collaboration Endpoint Roomos
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2019-12622 MEDIUM This Month

A vulnerability in Cisco RoomOS Software could allow an authenticated, local attacker to write files to the underlying filesystem with root privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Codec C40 Firmware Telepresence Codec C60 Firmware Telepresence Codec C90 Firmware +1
NVD
CVSS 3.1
5.5
EPSS
0.3%
EPSS 0% CVSS 7.1
HIGH This Week

A vulnerability in the CLI of Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to overwrite arbitrary files on the local system of an affected device. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Roomos +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in Cisco TelePresence CE and RoomOS Software could allow an authenticated, local attacker to bypass access controls and conduct an SSRF attack through an affected device. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

SSRF Cisco Roomos +1
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal +2
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal +2
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

Multiple vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an attacker to conduct path traversal attacks, view sensitive data, or write. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Path Traversal +2
NVD
EPSS 1% CVSS 4.7
MEDIUM This Month

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS). Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Open Redirect +3
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Open Redirect +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability in the packet processing functionality of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Telepresence Collaboration Endpoint +1
NVD
EPSS 0% CVSS 3.3
LOW Monitor

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, local attacker to corrupt a shared memory. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Cisco Denial Of Service Telepresence Collaboration Endpoint +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an authenticated, remote attacker to read arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Path Traversal Telepresence Collaboration Endpoint +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Roomos +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A vulnerability in the software upgrade process of Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software could allow an authenticated, remote attacker to modify the filesystem. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Command Injection +2
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, local attacker to enable audio recording without notifying users. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Cisco Telepresence Collaboration Endpoint +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software could allow an authenticated, remote attacker to escalate. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cisco Telepresence Codec +2
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

A vulnerability in Cisco RoomOS Software could allow an authenticated, local attacker to write files to the underlying filesystem with root privileges. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Codec C40 Firmware +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy