Vulnerabilities > Polycom > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-19 | CVE-2015-4684 | Credentials Management vulnerability in Polycom Realpresence Resource Manager Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. | 5.5 |
2017-09-19 | CVE-2015-4682 | Information Exposure vulnerability in Polycom Realpresence Resource Manager Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager. | 4.0 |
2017-08-25 | CVE-2017-12857 | Information Exposure vulnerability in Polycom Unified Communications Software Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. | 4.0 |
2013-01-01 | CVE-2012-4970 | Cross-Site Scripting vulnerability in Polycom HDX System Software Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2003-08-18 | CVE-2003-0556 | Unspecified vulnerability in Polycom Mgc-100, Mgc-25 and Mgc-50 Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester. | 5.0 |