Critical severity9.8NVD Advisory· Published Sep 19, 2017· Updated May 13, 2026

CVE-2015-4683

Description

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.

Affected products

Polycom/Realpresence Resource Manager
cpe:2.3:a:polycom:realpresence_resource_manager:*:*:*:*:*:*:*:*
Range: <=8.3.2

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.htmlnvdExploitThird Party AdvisoryVDB Entry
seclists.org/fulldisclosure/2015/Jun/81nvdExploitMailing ListThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/37449/nvdExploitThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/75432nvdThird Party AdvisoryVDB Entry
support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdfnvdVendor Advisory
www.securityfocus.com/archive/1/535852/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.027
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000