CVE-2018-10946 Information
Feb 14, 2021
cve
Description
An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user’s password via the admin web UI.
CVSS Vector
CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Reference
https://support.polycom.com/content/dam/polycom-support/global/documentation/advisory-rp-debut-vulnerabilities.pdf https://support.polycom.com/PolycomService/home/home.htm
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction Required
HIGH
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
6.8
Share on: