Cisco Mediasense
8 CVEs affecting Cisco Mediasense. Latest disclosed: 2017-11-16. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12337 | Critical | 9.8 | 2017-11-16 | A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an unauthentic… |
CVE-2015-0736 | | 2015-05-16 | Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users… | |
CVE-2014-0672 | | 2014-01-22 | The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arb… | |
CVE-2014-0671 | | 2014-01-22 | Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecifie… | |
CVE-2014-0670 | | 2014-01-22 | Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML vi… | |
CVE-2013-5502 | | 2013-09-23 | The web interface in Cisco MediaSense does not properly protect the client-server communication channel, which allows remote attackers to obtain sensitive quer… | |
CVE-2013-5501 | | 2013-09-20 | Cross-site scripting (XSS) vulnerability in the oraservice page in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspe… | |
CVE-2013-5500 | | 2013-09-20 | Multiple cross-site scripting (XSS) vulnerabilities in the oraadmin service page in Cisco MediaSense allow remote attackers to inject arbitrary web script or H… |