6 matches found
CVE-2019-10689
CVE-2019-10689 affects Polycom VVX family with UCS software ≤ 5.9.2 and Better Together over Ethernet Connector (BToE) ≤ 3.9.1. The root issue is insufficient authentication between the BToE application and the BToE component, which enables leakage of sensitive information. Public details in the ...
CVE-2018-18566
Polycom VVX 500/601 devices (firmware
CVE-2019-10688
Summary: CVE-2019-10688 affects VVX (Polycom) devices running UCS 5.9.2 or earlier with Better Together over Ethernet Connector (BToE) 3.9.1. A hard-coded credential vulnerability enables connections between the host application and the device, enabling potential unauthorized access. The CVSS met...
CVE-2017-12857
Polycom devices (SoundStation IP, VVX, RealPresence Trio) running UCS versions older than 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by an information-disclosure vulnerability in the UCS web application. An authenticated remote attacker could read memory segments containing adminis...
CVE-2019-12948
The CVE-2019-12948 entry concerns Polycom UC Software web-based management on VVX, Trio, SoundStructure, SoundPoint and SoundStation phones. A vulnerability exists in the web interface that, when exploited by an authenticated admin, could cause DoS or allow arbitrary code execution. Documents con...
CVE-2018-18568
Polycom VVX 500/601 devices (affected versions