Unified Videoconferencing System 5115 Firmware

unified_videoconferencing_system_5115_firmware

Vendor: Cisco • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-4305 1Cisco 14Unified Videoconferencing System 3515 Multipoint Control Unit Unified Videoconferencing System 3515 Multipoint Control Unit FirmwareUnified Videoconferencing System 3522 Basic Rate Interface Gateway+11 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unifie...Show more Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit (MCU) improperly use cookies for web-interface credentials, which allows remote attackers to obtain sensitive information by reading a (1) cleartext or (2) base64-encoded cleartext cookie, aka Bug ID CSCti54052.Show less
CVE-2010-4304 1Cisco 14Unified Videoconferencing System 3515 Multipoint Control Unit Unified Videoconferencing System 3515 Multipoint Control Unit FirmwareUnified Videoconferencing System 3522 Basic Rate Interface Gateway+11 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 6.4 MEDIUM· v2 The web interface in Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI...Show more The web interface in Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit (MCU) uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack, aka Bug ID CSCti54048.Show less
CVE-2010-4303 1Cisco 4Unified Videoconferencing System 5110 Unified Videoconferencing System 5110 FirmwareUnified Videoconferencing System 5115+1 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by r...Show more Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043.Show less
CVE-2010-4302 1Cisco 4Unified Videoconferencing System 5110 Unified Videoconferencing System 5110 FirmwareUnified Videoconferencing System 5115+1 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 4.9 MEDIUM· v2 /opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) o...Show more /opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010.Show less
CVE-2010-3038 1Cisco 4Unified Videoconferencing System 5110 Unified Videoconferencing System 5110 FirmwareUnified Videoconferencing System 5115+1 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote attackers t...Show more Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, has a default password for the (1) root, (2) cs, and (3) develop accounts, which makes it easier for remote attackers to obtain access via the (a) FTP or (b) SSH daemon, aka Bug ID CSCti54008.Show less
CVE-2010-3037 1Cisco 14Unified Videoconferencing System 3515 Multipoint Control Unit Unified Videoconferencing System 3515 Multipoint Control Unit FirmwareUnified Videoconferencing System 3522 Basic Rate Interface Gateway+11 more Apr 29, 2026 Nov 22, 2010 N/A· v4 N/A· v3 8.5 HIGH· v2 goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Ga...Show more goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway, Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway, and Unified Videoconferencing 3515 Multipoint Control Unit (MCU), allows remote authenticated administrators to execute arbitrary commands via the username field, related to a "shell command injection vulnerability," aka Bug ID CSCti54059.Show less