Cisco Telepresence Management Suite
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Cisco Telepresence Management Suite.
Recent Cisco Telepresence Management Suite Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2025-03-06 | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability | March 6, 2025 |
| 2024-04-03 | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability | April 3, 2024 |
| 2024-01-10 | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerabilities | January 10, 2024 |
| 2021-10-20 | Cisco TelePresence Management Suite Stored Cross-Site Scripting Vulnerability | October 20, 2021 |
By the Year
In 2026 there have been 0 vulnerabilities in Cisco Telepresence Management Suite. Last year, in 2025 Telepresence Management Suite had 1 security vulnerability published. Right now, Telepresence Management Suite is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 5.40 |
| 2024 | 3 | 5.40 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 4.80 |
| 2020 | 1 | 5.40 |
| 2019 | 3 | 0.00 |
It may take a day or so for new Telepresence Management Suite vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Telepresence Management Suite Security Vulnerabilities
Cisco TMS XSS via input validation in management interface
CVE-2025-20208
5.4 - Medium
- March 05, 2025
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
XSS
Cisco TMS Authenticated XSS in Web UI via Insufficient Input Validation
CVE-2023-20248
- April 24, 2024
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
XSS
Cisco TMS Web UI XSS vulnerability (CVE-2023-20249)
CVE-2023-20249
5.4 - Medium
- April 24, 2024
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
XSS
Cisco TMS XSS in Web Interface: low-privileged Remote Attack
CVE-2024-20334
5.4 - Medium
- April 03, 2024
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
XSS
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could
CVE-2021-34760
4.8 - Medium
- October 21, 2021
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
XSS
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could
CVE-2020-3185
5.4 - Medium
- March 04, 2020
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web-based management interface or access sensitive, browser-based information.
XSS
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could
CVE-2019-1661
- February 07, 2019
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
XSS
A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could
CVE-2019-1660
- February 07, 2019
A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to a lack of proper access and authentication controls on the affected TMS software. An attacker could exploit this vulnerability by gaining access to internal, trusted networks to send crafted SOAP calls to the affected device. If successful, an exploit could allow the attacker to access system management tools. Under normal circumstances, this access should be prohibited.
Authorization
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could
CVE-2018-15467
- January 11, 2019
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Telepresence Management Suite or by Cisco? Click the Watch button to subscribe.
