Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2018-18568

Published: 24/10/2018 Updated: 15/06/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Polycom

Vulnerability Summary

Polycom VVX 500 and 601 devices 5.8.0.12848 and previous versions allows man-in-the-middle malicious users to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

polycom unified communications software

polycom vvx_601_firmware -

polycom vvx_500_firmware -

Exploits

Exploit DB: Polycom VVX 500 / VVX 601 5.8.0.12848 Man-In-The-Middle
Polycom VVX 500 / VVX 601 versions 58012848 and below suffer from a man-in-the-middle vulnerability ...

References

CWE-295https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-027.txthttps://seclists.org/bugtraq/2018/Oct/36https://nvd.nist.govhttps://packetstormsecurity.com/files/149939/Polycom-VVX-500-VVX-601-5.8.0.12848-Man-In-The-Middle.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook