Vulnerabilities > Polycom > Trio 8500 > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-29 CVE-2019-12948 Exposed Dangerous Method or Function vulnerability in Polycom products
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.
network
low complexity
polycom CWE-749
6.5
2018-11-15 CVE-2018-14935 Cross-site Scripting vulnerability in Polycom Trio 8500 Firmware
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
network
polycom CWE-79
4.3