How severe is CVE-2015-4684?

CVE-2015-4684 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2015-4684

Name: realpresence_resource_manager
Author: polycom

6.5MEDIUM

Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modif

Published: 9/19/2017Updated: 4/20/2025

Description

Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary files via the (2) Filename or (3) SE_FNAME parameter to PlcmRmWeb/FileUpload or to read and remove arbitrary files via the (4) filePathName parameter in an importSipUriReservations SOAP request to PlcmRmWeb/JUserManager.

AI AnalysisPowered by AI

Affected Products

polycomrealpresence_resource_manager

Description

AI AnalysisPowered by AI

Affected Products

Available Exploits (1)

Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities

References