PT-2024-29628 · Poly · Poly Clariti Manager
Published
2024-08-06
·
Updated
2025-10-03
·
CVE-2024-41910
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Poly Clariti Manager versions up to 10.10.2.2
Description
A vulnerability was discovered in the firmware of Poly Clariti Manager devices, where the firmware contained multiple XSS vulnerabilities in the version of JavaScript used.
Recommendations
For versions up to 10.10.2.2, update the firmware to a version later than 10.10.2.2 to resolve the issue.
As a temporary workaround, consider restricting access to the device's web interface to minimize the risk of exploitation.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Poly Clariti Manager