Search criteria
3 vulnerabilities found for realpresence_web_suite by polycom
FKIE_CVE-2018-12592
Vulnerability from fkie_nvd - Published: 2018-06-20 12:29 - Updated: 2024-11-21 03:45
Severity ?
Summary
Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.securityfocus.com/bid/104524 | Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/104524 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| polycom | realpresence_web_suite | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:polycom:realpresence_web_suite:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5121CC41-CFA0-4669-9570-D2BA0ADF0635",
"versionEndExcluding": "2.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Polycom RealPresence Web Suite before 2.2.0 does not block a user\u0027s video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view."
},
{
"lang": "es",
"value": "Polycom RealPresence Web Suite en versiones anteriores a la 2.2.0 no bloquea el v\u00eddeo de un usuario durante unos segundos al unirse a una reuni\u00f3n (cuando el usuario ha elegido expl\u00edcitamente apagar el v\u00eddeo mediante una opci\u00f3n espec\u00edfica). En el transcurso de esos segundos, otros participantes de la reuni\u00f3n podr\u00edan ver la c\u00e1mara del invitado desprevenido."
}
],
"id": "CVE-2018-12592",
"lastModified": "2024-11-21T03:45:30.167",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-20T12:29:00.397",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104524"
},
{
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/104524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2018-12592 (GCVE-0-2018-12592)
Vulnerability from cvelistv5 – Published: 2018-06-20 12:00 – Updated: 2024-08-05 08:38
VLAI?
Summary
Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Polycom RealPresence Web Suite before 2.2.0 does not block a user\u0027s video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-22T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "104524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Polycom RealPresence Web Suite before 2.2.0 does not block a user\u0027s video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104524"
},
{
"name": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf",
"refsource": "CONFIRM",
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12592",
"datePublished": "2018-06-20T12:00:00",
"dateReserved": "2018-06-20T00:00:00",
"dateUpdated": "2024-08-05T08:38:06.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-12592 (GCVE-0-2018-12592)
Vulnerability from nvd – Published: 2018-06-20 12:00 – Updated: 2024-08-05 08:38
VLAI?
Summary
Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.356Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104524",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104524"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Polycom RealPresence Web Suite before 2.2.0 does not block a user\u0027s video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-22T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "104524",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104524"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Polycom RealPresence Web Suite before 2.2.0 does not block a user\u0027s video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104524",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104524"
},
{
"name": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf",
"refsource": "CONFIRM",
"url": "https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-on-polycom-realpresence-web-suite-v-1-0.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12592",
"datePublished": "2018-06-20T12:00:00",
"dateReserved": "2018-06-20T00:00:00",
"dateUpdated": "2024-08-05T08:38:06.356Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}