Vulnerabilities > CVE-2002-0628 - Improper Restriction of Excessive Authentication Attempts vulnerability in Polycom products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

polycom

CWE-307

NVD

Published: 2003-01-07

Updated: 2024-02-09

Summary

The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.

Vulnerable Configurations

Part	Description	Count
Hardware	Polycom Polycom Viewstation 512 6.5.1 Polycom Viewstation 512 7.2 Polycom Viewstation H.323 7.2 Polycom Viewstation H.323 6.5.1 Polycom Viewstation SP 384 6.5.1 Polycom Viewstation SP 384 7.2 Polycom Viewstation MP 7.2 Polycom Viewstation MP 6.5.1 Polycom Viewstation 128 7.2 Polycom Viewstation 128 6.5.1 Polycom Viewstation DCP 7.2 Polycom Viewstation DCP 6.5.1 Polycom Viewstation V.35 7.2 Polycom Viewstation V.35 6.5.1 Polycom Viewstation FX Vs4000 4.1.5	15

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References