定价企业版

CVE-2015-4683

9.8CRITICAL

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with

发布于: 9/19/2017更新于: 4/20/2025

在NVD查看在MITRE查看

描述

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.

AI分析AI驱动

受影响产品

polycomrealpresence_resource_manager

可用漏洞利用 (1)

webappshardware

Polycom RealPresence Resource Manager < 8.4 - Multiple Vulnerabilities

CVE-2015-4685CVE-2015-4684CVE-2015-4683+2 more

SEC Consult6/30/2015

参考资料

http://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2015/Jun/81
ExploitMailing ListThird Party AdvisoryVDB Entry
http://www.securityfocus.com/archive/1/535852/100/0/threaded
http://www.securityfocus.com/bid/75432
Third Party AdvisoryVDB Entry
https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
Vendor Advisory
https://www.exploit-db.com/exploits/37449/
ExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
ExploitThird Party AdvisoryVDB Entry
http://seclists.org/fulldisclosure/2015/Jun/81
ExploitMailing ListThird Party AdvisoryVDB Entry
http://www.securityfocus.com/archive/1/535852/100/0/threaded
http://www.securityfocus.com/bid/75432
Third Party AdvisoryVDB Entry
https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
Vendor Advisory
https://www.exploit-db.com/exploits/37449/
ExploitThird Party AdvisoryVDB Entry