Realpresence Resource Manager

CVEs (5)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	Published	Description
CVE-2015-4683	Polycom Realpresence Resource Manager	Cri	0.69	9.8	0.34	Sep 19, 2017	Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.
CVE-2015-4681	Polycom Realpresence Resource Manager	Hig	0.54	7.8	0.01	Sep 19, 2017	Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
CVE-2015-4685	Polycom Realpresence Resource Manager	Hig	0.49	7.0	0.00	Sep 19, 2017	Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
CVE-2015-4684	Polycom Realpresence Resource Manager	Med	0.46	6.5	0.11	Sep 19, 2017	Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators…
CVE-2015-4682	Polycom Realpresence Resource Manager	Med	0.46	6.5	0.12	Sep 19, 2017	Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.

CVE-2015-4683CriSep 19, 2017
Polycom
Realpresence Resource Manager
risk 0.69cvss 9.8epss 0.34
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.
CVE-2015-4681HigSep 19, 2017
Polycom
Realpresence Resource Manager
risk 0.54cvss 7.8epss 0.01
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
CVE-2015-4685HigSep 19, 2017
Polycom
Realpresence Resource Manager
risk 0.49cvss 7.0epss 0.00
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
CVE-2015-4684MedSep 19, 2017
Polycom
Realpresence Resource Manager
risk 0.46cvss 6.5epss 0.11
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators…
CVE-2015-4682MedSep 19, 2017
Polycom
Realpresence Resource Manager
risk 0.46cvss 6.5epss 0.12
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.