← Back

CVE-2023-4466

nvd nist
Published: Dec 29, 2023Modified: Nov 21, 2024

JSON object

Loading...
4.9
Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be launched remotely. The vendor explains that they do not regard this as a vulnerability as this is a feature that they offer to their customers who have a variety of environmental needs that are met through different firmware builds. To avoid potential roll-back attacks, they remove vulnerable builds from the public servers as a remediation effort. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249259.

Affected (4)

Poly
4 products
Ccx 400 Firmware
Ccx 600 Firmware
Trio 8800 Firmware
Trio C60 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ccx 400 Firmware
All versions
Running on/withPlatform Versions
Poly
Ccx 400
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Ccx 600 Firmware
All versions
Running on/withPlatform Versions
Poly
Ccx 600
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Trio 8800 Firmware
All versions
Running on/withPlatform Versions
Poly
Trio 8800
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Trio C60 Firmware
All versions
Running on/withPlatform Versions
Poly
Trio C60
All versions

Related CWEs

CWE-693
Protection Mechanism Failure
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

References (10)

Source: cna@vuldb.com
Not Applicable
Source: cna@vuldb.com
Source: cna@vuldb.com
Source: cna@vuldb.com
Permissions RequiredThird Party AdvisoryVDB Entry
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Not Applicable
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.