PT-2019-11994 · Polycom · Polycom Vvx+1

Publicado

2019-04-23

Atualizado

2019-06-17

CVE-2019-10688

CVSS v3.1

6.8

Média

Vetor

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Polycom VVX products versions prior to UCS 5.9.2

Description The issue concerns the use of hard-coded credentials to establish connections between the host application and the device in VVX products. This specifically affects versions including and prior to UCS 5.9.2 with the Better Together over Ethernet Connector (BToE) application 3.9.1.

Recommendations For versions prior to UCS 5.9.2, update to a version that does not use hard-coded credentials for establishing connections.

Correção

Using Hardcoded Credentials

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-798

Identificadores relacionados

CVE-2019-10688

Produtos afetados

Better Together Over Ethernet Connector

Polycom Vvx

PT-2019-11994 · Polycom · Polycom Vvx+1

CVE-2019-10688

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3