Описание
VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive information.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.9.1 (включая)Версия до 5.9.2 (включая)
Одно из
cpe:2.3:a:polycom:better_together_over_ethernet_connector:*:*:*:*:*:*:*:*
cpe:2.3:a:polycom:unified_communications_software:*:*:*:*:*:*:*:*
EPSS
Процентиль: 56%
0.00333
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 6.5
github
больше 3 лет назад
VVX products using UCS software version 5.9.2 and earlier with Better Together over Ethernet Connector (BToE) application version 3.9.1 and earlier provides insufficient authentication between the BToE application and the BToE component, resulting in leakage of sensitive information.
EPSS
Процентиль: 56%
0.00333
Низкий
6.5 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-287