CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
AI Score
Confidence
High
EPSS
Percentile
64.6%
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.
Vendor | Product | Version | CPE |
---|---|---|---|
polycom | unified_communications_software | * | cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:* |
polycom | c12 | - | cpe:2.3:h:polycom:c12:-:*:*:*:*:*:*:* |
polycom | c16 | - | cpe:2.3:h:polycom:c16:-:*:*:*:*:*:*:* |
polycom | c8 | - | cpe:2.3:h:polycom:c8:-:*:*:*:*:*:*:* |
polycom | vvx150 | - | cpe:2.3:h:polycom:vvx150:-:*:*:*:*:*:*:* |
polycom | vvx201 | - | cpe:2.3:h:polycom:vvx201:-:*:*:*:*:*:*:* |
polycom | vvx250 | - | cpe:2.3:h:polycom:vvx250:-:*:*:*:*:*:*:* |
polycom | vvx301 | - | cpe:2.3:h:polycom:vvx301:-:*:*:*:*:*:*:* |
polycom | vvx311 | - | cpe:2.3:h:polycom:vvx311:-:*:*:*:*:*:*:* |
polycom | vvx350 | - | cpe:2.3:h:polycom:vvx350:-:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
AI Score
Confidence
High
EPSS
Percentile
64.6%