CVE-2015-4681 - Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified i

CVE-2015-4681

Summary

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.

References

Vulnerable Configurations

cpe:2.3:a:polycom:realpresence_resource_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.1.1:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.2.0:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.3.0:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.3.0:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.3.1:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.3.1:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.3.2:*:*:*:*:*:*:*
cpe:2.3:a:polycom:realpresence_resource_manager:8.3.2:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	75432
bugtraq	20150626 SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences
confirm	https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
exploit-db	37449
fulldisc	20150626 SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences
misc	https://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html

Last major update

09-10-2018 - 19:57

Published

19-09-2017 - 19:29

Last modified

09-10-2018 - 19:57