Vulnerabilities > CVE-2015-4681 - Credentials Management vulnerability in Polycom Realpresence Resource Manager
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 6 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities. CVE-2015-4681,CVE-2015-4682,CVE-2015-4683,CVE-2015-4684,CVE-2015-4685. Webapps exp... |
| file | exploits/hardware/webapps/37449.txt |
| id | EDB-ID:37449 |
| last seen | 2016-02-04 |
| modified | 2015-06-30 |
| platform | hardware |
| port | |
| published | 2015-06-30 |
| reporter | SEC Consult |
| source | https://www.exploit-db.com/download/37449/ |
| title | Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities |
| type | webapps |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/132463/SA-20150626-0.txt |
| id | PACKETSTORM:132463 |
| last seen | 2016-12-05 |
| published | 2015-06-26 |
| reporter | Rene Freingruber |
| source | https://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html |
| title | Polycom RealPresence Resource Manager (RPRM) Disclosure / Traversal |
References
- https://www.exploit-db.com/exploits/37449/
- https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
- https://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
- http://www.securityfocus.com/bid/75432
- http://seclists.org/fulldisclosure/2015/Jun/81
- http://www.securityfocus.com/archive/1/535852/100/0/threaded