ID CVE-2015-4681
Summary Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
References
Vulnerable Configurations
  • cpe:2.3:a:polycom:realpresence_resource_manager:*:*:*:*:*:*:*:*
    cpe:2.3:a:polycom:realpresence_resource_manager:*:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 09-10-2018 - 19:57)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 75432
bugtraq 20150626 SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences
confirm https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
exploit-db 37449
fulldisc 20150626 SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences
misc https://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
Last major update 09-10-2018 - 19:57
Published 19-09-2017 - 19:29
Back to Top