PT-2019-11995 · Polycom · Polycom Vvx+2
Publicado
2019-06-24
·
Atualizado
2019-06-27
·
CVE-2019-10689
CVSS v3.1
6.5
Média
| Vetor | AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Polycom VVX products using UCS software version 5.9.2 and earlier
Polycom VVX products using Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier
Description
The issue results in insufficient authentication between the BToE application and the BToE component, leading to leakage of sensitive information.
Recommendations
For Polycom VVX products using UCS software version 5.9.2 and earlier, update the UCS software to a version later than 5.9.2.
For Polycom VVX products using Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier, update the BToE application to a version later than 3.9.1.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Btoe
Polycom Vvx
Ucs