Polycom SoundStation IP, VVX and RealPresence Trio UCS Information Disclosure Vulnerability

Polycom SoundStation IP, VVX, and RealPresence Trio are all products of Polycom, Inc.Polycom SoundStation IP is an IP phone; VVX is a visual conference phone; and RealPresence Trio is a smart Multimedia devices. An information disclosure vulnerability exists in the UCS in Polycom SoundStation IP,...

Information disclosure

Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a segment of the phone's...

CVE-2017-12857

Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a segment of the phone's...

CVE-2017-12857

Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a segment of the phone's...

CVE-2017-12857

Polycom devices (SoundStation IP, VVX, RealPresence Trio) running UCS versions older than 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by an information-disclosure vulnerability in the UCS web application. An authenticated remote attacker could read memory segments containing adminis...

Polycom SoundStation/SoundPoint IP Default Credentials (HTTP)

The remote Polycom SoundStation IP web interface is using known default credentials. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later if...