Vendor CVEs
Polycom
All CVEs
47 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-4683 | Cri | 0.67 | 9.8 | 0.07 | Sep 19, 2017 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests. | ||
| CVE-2025-34093 | Hig | 0.58 | — | 0.02 | Jul 10, 2025 | An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized input, allowing attackers to execute arbitrary system commands. By injecting… | ||
| CVE-2018-7565 | Hig | 0.57 | 8.8 | 0.00 | Mar 7, 2018 | CSRF exists on Polycom QDX 6000 devices. | ||
| CVE-2017-12857 | Hig | 0.57 | 8.8 | 0.02 | Aug 25, 2017 | Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a… | ||
| CVE-2015-4681 | Hig | 0.54 | 7.8 | 0.02 | Sep 19, 2017 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords. | ||
| CVE-2015-8300 | Hig | 0.51 | 7.8 | 0.01 | Aug 28, 2017 | Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file. | ||
| CVE-2025-22918 | Hig | 0.49 | 7.5 | 0.00 | Feb 3, 2025 | Polycom RealPresence Group 500 <=20 has Insecure Permissions due to automatically loaded cookies. This allows for the use of administrator functions, resulting in the leakage of sensitive user information. | ||
| CVE-2018-12592 | Hig | 0.49 | 7.5 | 0.01 | Jun 20, 2018 | Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other… | ||
| CVE-2015-4685 | Hig | 0.49 | 7.0 | 0.01 | Sep 19, 2017 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration. | ||
| CVE-2002-0628 | Hig | 0.49 | 7.5 | 0.02 | Jan 7, 2003 | The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack. | ||
| CVE-2015-4684 | Med | 0.46 | 6.5 | 0.05 | Sep 19, 2017 | Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators… | ||
| CVE-2015-4682 | Med | 0.46 | 6.5 | 0.05 | Sep 19, 2017 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager. | ||
| CVE-2018-7564 | Med | 0.40 | 6.1 | 0.01 | Mar 7, 2018 | Stored XSS exists on Polycom QDX 6000 devices. | ||
| CVE-2012-6610 | 0.07 | — | 0.11 | Jan 28, 2020 | Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature. | |||
| CVE-2002-1906 | 0.04 | — | 0.07 | Dec 31, 2002 | The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open. | |||
| CVE-2002-1905 | 0.04 | — | 0.08 | Dec 31, 2002 | Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request. | |||
| CVE-2023-4468 | 0.00 | — | 0.00 | Dec 29, 2023 | A vulnerability was found in Poly Trio 8500, Trio 8800 and Trio C60. It has been classified as problematic. This affects an unknown part of the component Poly Lens Management Cloud Registration. The manipulation leads to missing authorization. It is possible to launch the attack… | |||
| CVE-2023-4466 | 0.00 | — | 0.01 | Dec 29, 2023 | A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be… | |||
| CVE-2023-4465 | 0.00 | — | 0.00 | Dec 29, 2023 | A vulnerability, which was classified as problematic, was found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101,… | |||
| CVE-2023-4464 | 0.00 | — | 0.03 | Dec 29, 2023 | A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101,… | |||
| CVE-2023-4463 | 0.00 | — | 0.01 | Dec 29, 2023 | A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated… | |||
| CVE-2023-4462 | 0.00 | — | 0.01 | Dec 29, 2023 | A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150,… | |||
| CVE-2023-38994 | 0.00 | — | 0.00 | Oct 31, 2023 | The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By… | |||
| CVE-2019-11355 | 0.00 | — | 0.01 | Mar 12, 2020 | An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script… | |||
| CVE-2012-6611 | 0.00 | — | 0.03 | Feb 10, 2020 | An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password. | |||
| CVE-2012-6609 | 0.00 | — | 0.02 | Jan 28, 2020 | Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | |||
| CVE-2019-14259 | 0.00 | — | 0.03 | Aug 1, 2019 | On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS commands… | |||
| CVE-2019-12948 | 0.00 | — | 0.02 | Jul 29, 2019 | A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or… | |||
| CVE-2019-10689 | 0.00 | — | 0.01 | Jun 24, 2019 | VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive… | |||
| CVE-2018-10947 | 0.00 | — | 0.00 | Jun 13, 2019 | An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted. | |||
| CVE-2018-10946 | 0.00 | — | 0.00 | Jun 13, 2019 | An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI. | |||
| CVE-2018-15128 | 0.00 | — | 0.05 | May 13, 2019 | An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and Pano 1.1.1 and earlier. A remote code execution vulnerability exists in the content sharing functionality because of a Buffer Overflow via crafted packets. | |||
| CVE-2019-10688 | 0.00 | — | 0.00 | Apr 23, 2019 | VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections between the host application and the device. | |||
| CVE-2018-14935 | 0.00 | — | 0.01 | Nov 15, 2018 | The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS. | |||
| CVE-2018-14934 | 0.00 | — | 0.01 | Nov 15, 2018 | The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone. | |||
| CVE-2018-18568 | 0.00 | — | 0.01 | Oct 24, 2018 | Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business. | |||
| CVE-2018-18566 | 0.00 | — | 0.03 | Oct 24, 2018 | The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business. | |||
| CVE-2015-1516 | 0.00 | — | 0.01 | Sep 3, 2015 | Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2012-4970 | 0.00 | — | 0.01 | Jan 1, 2013 | Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||
| CVE-2007-3368 | 0.00 | — | 0.02 | Jun 22, 2007 | Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter. | |||
| CVE-2007-3369 | 0.00 | — | 0.02 | Jun 22, 2007 | Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header. | |||
| CVE-2006-5233 | 0.00 | — | 0.02 | Oct 11, 2006 | Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl… | |||
| CVE-2003-0556 | 0.00 | — | 0.01 | Aug 18, 2003 | Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester. | |||
| CVE-2002-0627 | 0.00 | — | 0.02 | Jan 7, 2003 | The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests. | |||
| CVE-2002-0629 | 0.00 | — | 0.02 | Jan 7, 2003 | The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server. | |||
| CVE-2002-0630 | 0.00 | — | 0.02 | Jan 7, 2003 | The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets. | |||
| CVE-2002-0626 | 0.00 | — | 0.02 | Jan 7, 2003 | Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities. |
- risk 0.67cvss 9.8epss 0.07
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.
- risk 0.58cvss —epss 0.02
An authenticated command injection vulnerability exists in the Polycom HDX Series command shell interface accessible over Telnet. The lan traceroute command in the devcmds console accepts unsanitized input, allowing attackers to execute arbitrary system commands. By injecting…
- risk 0.57cvss 8.8epss 0.00
CSRF exists on Polycom QDX 6000 devices.
- risk 0.57cvss 8.8epss 0.02
Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a…
- risk 0.54cvss 7.8epss 0.02
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
- risk 0.51cvss 7.8epss 0.01
Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file.
- risk 0.49cvss 7.5epss 0.00
Polycom RealPresence Group 500 <=20 has Insecure Permissions due to automatically loaded cookies. This allows for the use of administrator functions, resulting in the leakage of sensitive user information.
- risk 0.49cvss 7.5epss 0.01
Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other…
- risk 0.49cvss 7.0epss 0.01
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.
- risk 0.49cvss 7.5epss 0.02
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
- risk 0.46cvss 6.5epss 0.05
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators…
- risk 0.46cvss 6.5epss 0.05
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.
- risk 0.40cvss 6.1epss 0.01
Stored XSS exists on Polycom QDX 6000 devices.
- CVE-2012-6610Jan 28, 2020risk 0.07cvss —epss 0.11
Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature.
- CVE-2002-1906Dec 31, 2002risk 0.04cvss —epss 0.07
The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (CPU consumption) by sending incomplete HTTP requests and leaving the connections open.
- CVE-2002-1905Dec 31, 2002risk 0.04cvss —epss 0.08
Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
- CVE-2023-4468Dec 29, 2023risk 0.00cvss —epss 0.00
A vulnerability was found in Poly Trio 8500, Trio 8800 and Trio C60. It has been classified as problematic. This affects an unknown part of the component Poly Lens Management Cloud Registration. The manipulation leads to missing authorization. It is possible to launch the attack…
- CVE-2023-4466Dec 29, 2023risk 0.00cvss —epss 0.01
A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be…
- CVE-2023-4465Dec 29, 2023risk 0.00cvss —epss 0.00
A vulnerability, which was classified as problematic, was found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101,…
- CVE-2023-4464Dec 29, 2023risk 0.00cvss —epss 0.03
A vulnerability, which was classified as critical, has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101,…
- CVE-2023-4463Dec 29, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated…
- CVE-2023-4462Dec 29, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic has been found in Poly Trio 8300, Trio 8500, Trio 8800, Trio C60, CCX 350, CCX 400, CCX 500, CCX 505, CCX 600, CCX 700, EDGE E100, EDGE E220, EDGE E300, EDGE E320, EDGE E350, EDGE E400, EDGE E450, EDGE E500, EDGE E550, VVX 101, VVX 150,…
- CVE-2023-38994Oct 31, 2023risk 0.00cvss —epss 0.00
The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By…
- CVE-2019-11355Mar 12, 2020risk 0.00cvss —epss 0.01
An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script…
- CVE-2012-6611Feb 10, 2020risk 0.00cvss —epss 0.03
An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password.
- CVE-2012-6609Jan 28, 2020risk 0.00cvss —epss 0.02
Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
- CVE-2019-14259Aug 1, 2019risk 0.00cvss —epss 0.03
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS commands…
- CVE-2019-12948Jul 29, 2019risk 0.00cvss —epss 0.02
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or…
- CVE-2019-10689Jun 24, 2019risk 0.00cvss —epss 0.01
VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive…
- CVE-2018-10947Jun 13, 2019risk 0.00cvss —epss 0.00
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the admin cookie is reset only after a Debut is rebooted.
- CVE-2018-10946Jun 13, 2019risk 0.00cvss —epss 0.00
An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI.
- CVE-2018-15128May 13, 2019risk 0.00cvss —epss 0.05
An issue was discovered in Polycom Group Series 6.1.6.1 and earlier, HDX 3.1.12 and earlier, and Pano 1.1.1 and earlier. A remote code execution vulnerability exists in the content sharing functionality because of a Buffer Overflow via crafted packets.
- CVE-2019-10688Apr 23, 2019risk 0.00cvss —epss 0.00
VVX products with software versions including and prior to, UCS 5.9.2 with Better Together over Ethernet Connector (BToE) application 3.9.1, use hard-coded credentials to establish connections between the host application and the device.
- CVE-2018-14935Nov 15, 2018risk 0.00cvss —epss 0.01
The Web administration console on Polycom Trio devices with software before 5.5.4 has XSS.
- CVE-2018-14934Nov 15, 2018risk 0.00cvss —epss 0.01
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access Control. An attacker can connect without authentication and subsequently record audio from the device microphone.
- CVE-2018-18568Oct 24, 2018risk 0.00cvss —epss 0.01
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
- CVE-2018-18566Oct 24, 2018risk 0.00cvss —epss 0.03
The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business.
- CVE-2015-1516Sep 3, 2015risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2012-4970Jan 1, 2013risk 0.00cvss —epss 0.01
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
- CVE-2007-3368Jun 22, 2007risk 0.00cvss —epss 0.02
Buffer overflow in the HTTP server on the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ allows remote attackers to cause a denial of service (device reboot) via a malformed CGI parameter.
- CVE-2007-3369Jun 22, 2007risk 0.00cvss —epss 0.02
Buffer overflow in the Polycom SoundPoint IP 601 SIP phone with BootROM 3.0.x+ and SIP version 1.6.3.0067 allows remote attackers to cause a denial of service (device hang or reboot) via an INVITE message with a long Via header.
- CVE-2006-5233Oct 11, 2006risk 0.00cvss —epss 0.02
Polycom SoundPoint IP 301 VoIP Desktop Phone, firmware version 1.4.1.0040, allows remote attackers to cause a denial of service (reboot) via (1) a long URL sent to the HTTP daemon and (2) unspecified manipulations as demonstrated by the Nessus http_fingerprinting_hmap.nasl…
- CVE-2003-0556Aug 18, 2003risk 0.00cvss —epss 0.01
Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.
- CVE-2002-0627Jan 7, 2003risk 0.00cvss —epss 0.02
The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.
- CVE-2002-0629Jan 7, 2003risk 0.00cvss —epss 0.02
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server.
- CVE-2002-0630Jan 7, 2003risk 0.00cvss —epss 0.02
The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets.
- CVE-2002-0626Jan 7, 2003risk 0.00cvss —epss 0.02
Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.