CVE-2018-10946

Published: Jun 13, 2019Modified: Nov 21, 2024

6.8

Vector

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.9 / Impact: 5.9

Source: NVD

Description

An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI.

Affected (1)

Products: Polycom: Realpresence Debut Firmware

Polycom

1 product

Realpresence Debut Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Polycom Realpresence Debut Firmware	Before 1.3.0-66872

Running on/with	Platform Versions
Polycom Realpresence Debut	All versions

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://support.polycom.com/PolycomService/home/home.htm

Source: cve@mitre.org

Vendor Advisory

https://support.polycom.com/content/dam/polycom-support/global/documentation/advisory-rp-debut-vulnerabilities.pdf

Source: cve@mitre.org

Vendor Advisory

https://support.polycom.com/PolycomService/home/home.htm

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.polycom.com/content/dam/polycom-support/global/documentation/advisory-rp-debut-vulnerabilities.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.