Cisco Telepresence Management Suite
Recent Cisco Telepresence Management Suite Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2024-04-03 | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability | April 3, 2024 |
| 2024-01-10 | Cisco TelePresence Management Suite Cross-Site Scripting Vulnerabilities | January 10, 2024 |
| 2021-10-20 | Cisco TelePresence Management Suite Stored Cross-Site Scripting Vulnerability | October 20, 2021 |
By the Year
In 2024 there have been 0 vulnerabilities in Cisco Telepresence Management Suite . Telepresence Management Suite did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 4.80 |
| 2020 | 1 | 5.40 |
| 2019 | 3 | 5.83 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Telepresence Management Suite vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Telepresence Management Suite Security Vulnerabilities
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could
CVE-2021-34760
4.8 - Medium
- October 21, 2021
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
XSS
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could
CVE-2020-3185
5.4 - Medium
- March 04, 2020
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web-based management interface or access sensitive, browser-based information.
XSS
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could
CVE-2019-1661
6.1 - Medium
- February 07, 2019
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
XSS
A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could
CVE-2019-1660
5.3 - Medium
- February 07, 2019
A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to a lack of proper access and authentication controls on the affected TMS software. An attacker could exploit this vulnerability by gaining access to internal, trusted networks to send crafted SOAP calls to the affected device. If successful, an exploit could allow the attacker to access system management tools. Under normal circumstances, this access should be prohibited.
Permissions, Privileges, and Access Controls
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could
CVE-2018-15467
6.1 - Medium
- January 11, 2019
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Telepresence Management Suite or by Cisco? Click the Watch button to subscribe.
