CVE-2015-4681

Description

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://seclists.org/fulldisclosure/2015/Jun/81
• http://www.securityfocus.com/archive/1/535852/100/0/threaded
• http://www.securityfocus.com/bid/75432
• https://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
• https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
• https://www.exploit-db.com/exploits/37449/
• http://seclists.org/fulldisclosure/2015/Jun/81
• http://www.securityfocus.com/archive/1/535852/100/0/threaded
• http://www.securityfocus.com/bid/75432
• https://packetstormsecurity.com/files/132463/Polycom-RealPresence-Resource-Manager-RPRM-Disclosure-Traversal.html
• https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf
• https://www.exploit-db.com/exploits/37449/

CWEs

CWE-255