National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:cisco:telepresence_tc_software:4.2.3
There are 18 matching records.
Vuln ID Summary CVSS Severity
CVE-2017-6648

A vulnerability in the Session Initiation Protocol (SIP) of the Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause a TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms within the software. An attacker could exploit this vulnerability by sending a flood of SIP INVITE packets to the affected device. An exploit could allow the attacker to impact the availability of services and data of the device, including a complete DoS condition. This vulnerability affects the following Cisco TC and CE platforms when running software versions prior to TC 7.3.8 and CE 8.3.0. Cisco Bug IDs: CSCux94002.

Published: June 08, 2017; 09:29:00 AM -04:00
V3: 7.5 HIGH
V2: 7.8 HIGH
CVE-2015-0722

The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets, aka Bug ID CSCuj68952.

Published: May 24, 2015; 08:59:02 PM -04:00
V2: 7.8 HIGH
CVE-2014-2174

Cisco TelePresence T, TelePresence TE, and TelePresence TC before 7.1 do not properly implement access control, which allows remote attackers to obtain root privileges by sending packets on the local network and allows physically proximate attackers to obtain root privileges via unspecified vectors, aka Bug ID CSCub67651.

Published: May 24, 2015; 08:59:00 PM -04:00
V2: 8.3 HIGH
CVE-2014-2175

Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allow remote attackers to cause a denial of service (memory consumption) via crafted H.225 packets, aka Bug ID CSCtq78849.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2014-2173

Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 do not properly restrict access to the serial port, which allows local users to gain privileges via unspecified commands, aka Bug ID CSCub67692.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.2 HIGH
CVE-2014-2172

Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows local users to gain privileges by leveraging improper handling of the u-boot compiler flag for internal executable files, aka Bug ID CSCub67693.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 6.6 MEDIUM
CVE-2014-2171

Heap-based buffer overflow in Cisco TelePresence TC Software 4.x through 6.x before 6.0.1 and TE Software 4.x and 6.0.x before 6.0.2 allows remote attackers to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 10.0 HIGH
CVE-2014-2170

Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to tshell (aka tcsh) scripts, aka Bug ID CSCue60202.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 9.0 HIGH
CVE-2014-2169

Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow remote authenticated users to execute arbitrary commands by using the commands as arguments to internal system scripts, aka Bug ID CSCue60211.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 9.0 HIGH
CVE-2014-2168

Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to execute arbitrary code via crafted DNS response packets, aka Bug ID CSCty44804.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.6 HIGH
CVE-2014-2167

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua86589.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2014-2166

The SIP implementation in Cisco TelePresence TC Software 4.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCto70562.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2014-2165

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtq72699.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2014-2164

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCuj94651.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2014-2163

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCua64961.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2014-2162

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCud29566.

Published: May 02, 2014; 06:55:08 AM -04:00
V2: 7.8 HIGH
CVE-2013-3378

Cisco TelePresence TC Software before 6.1 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (temporary device hang) via crafted SIP packets, aka Bug ID CSCuf89557.

Published: June 21, 2013; 09:57:25 AM -04:00
V2: 7.8 HIGH
CVE-2013-3377

Cisco TelePresence TC Software before 5.1.7 and TE Software before 4.1.3 allow remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCue01743.

Published: June 21, 2013; 09:57:25 AM -04:00
V2: 7.8 HIGH