CVE-2018-12592

Published: Jun 20, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view.

Affected (1)

Products: Polycom: Realpresence Web Suite

1 product

Realpresence Web Suite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Polycom Realpresence Web Suite	Before 2.2.0

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

http://www.securityfocus.com/bid/104524

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf

Source: cve@mitre.org

MitigationVendor Advisory

http://www.securityfocus.com/bid/104524

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.