Vulnerabilities > Polycom > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-09-19 CVE-2015-4684 Credentials Management vulnerability in Polycom Realpresence Resource Manager
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a ..
network
low complexity
polycom CWE-255
5.5
2017-09-19 CVE-2015-4682 Information Exposure vulnerability in Polycom Realpresence Resource Manager
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.
network
low complexity
polycom CWE-200
4.0
2017-08-25 CVE-2017-12857 Information Exposure vulnerability in Polycom Unified Communications Software
Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application.
network
low complexity
polycom CWE-200
4.0
2013-01-01 CVE-2012-4970 Cross-Site Scripting vulnerability in Polycom HDX System Software
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
polycom CWE-79
4.3
2003-08-18 CVE-2003-0556 Unspecified vulnerability in Polycom Mgc-100, Mgc-25 and Mgc-50
Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.
network
low complexity
polycom
5.0