Precios Enterprise

CVE-2015-4682

6.5MEDIUM

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.

Publicado: 9/19/2017Actualizado: 4/20/2025

Ver en NVD Ver en MITRE

Descripción

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.

Análisis IAImpulsado por IA

Productos Afectados

polycomrealpresence_resource_manager

Exploits Disponibles (1)

webappshardware

Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities

CVE-2015-4685CVE-2015-4684CVE-2015-4683+2 more

SEC Consult6/30/2015

Referencias

http://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2015/Jun/81
ExploitMailing ListThird Party AdvisoryVDB Entry
http://www.securityfocus.com/archive/1/535852/100/0/threaded
http://www.securityfocus.com/bid/75432
Third Party AdvisoryVDB Entry
https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
Vendor Advisory
https://www.exploit-db.com/exploits/37449/
ExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2015/Jun/81
ExploitMailing ListThird Party AdvisoryVDB Entry
http://www.securityfocus.com/archive/1/535852/100/0/threaded
http://www.securityfocus.com/bid/75432
Third Party AdvisoryVDB Entry
https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
Vendor Advisory
https://www.exploit-db.com/exploits/37449/
ExploitThird Party AdvisoryVDB Entry