CVE-2002-0628

Published: Jan 7, 2003Modified: Apr 16, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.

Affected (15)

Products: Polycom: Viewstation 128, Viewstation 512, Viewstation Dcp, Viewstation Fx Vs4000, Viewstation H.323, Viewstation Mp, Viewstation Sp 384, Viewstation V.35

8 products

Viewstation 128

Viewstation 512

Viewstation Dcp

Viewstation Fx Vs4000

Viewstation H.323

Viewstation Sp 384

Viewstation V.35

Configuration A

15 vulnerable

Vulnerable Software	Affected Versions
Polycom Viewstation 128	Version 6.5.1
Polycom Viewstation 128	Version 7.2
Polycom Viewstation 512	Version 6.5.1
Polycom Viewstation 512	Version 7.2
Polycom Viewstation Dcp	Version 6.5.1
Polycom Viewstation Dcp	Version 7.2
Polycom Viewstation Fx Vs4000	Version 4.1.5
Polycom Viewstation H.323	Version 6.5.1
Polycom Viewstation H.323	Version 7.2
Polycom Viewstation Mp	Version 6.5.1
Polycom Viewstation Mp	Version 7.2
Polycom Viewstation Sp 384	Version 6.5.1
Polycom Viewstation Sp 384	Version 7.2
Polycom Viewstation V.35	Version 6.5.1
Polycom Viewstation V.35	Version 7.2

Related CWEs

Improper Restriction of Excessive Authentication Attempts

The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.

References (12)

http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089

Source: cve@mitre.org

Broken Link

http://www.ciac.org/ciac/bulletins/m-123.shtml

Source: cve@mitre.org

Broken LinkPatchVendor Advisory

http://www.iss.net/security_center/static/9349.php

Source: cve@mitre.org

Broken LinkVendor Advisory

http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdf

Source: cve@mitre.org

Product

http://www.securityfocus.com/bid/5635

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB EntryVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/44241

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.ciac.org/ciac/bulletins/m-123.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkPatchVendor Advisory

http://www.iss.net/security_center/static/9349.php

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkVendor Advisory

http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Product

http://www.securityfocus.com/bid/5635

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkThird Party AdvisoryVDB EntryVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/44241

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.