CVE-2018-18566

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business.

Published : 2018-10-24 22:29 Updated : 2018-12-06 20:13

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Polycom Uc Software 5.8.0.12848 cpe:/o:polycom:uc_software:5.8.0.12848
Polycom Vvx 500 Firmware - cpe:/o:polycom:vvx_500_firmware:-
Polycom Vvx 601 Firmware - cpe:/o:polycom:vvx_601_firmware:-
  1. Polycom (3) Search CVE
    1. Vvx 500 Firmware (1) Search CVE
      1. -
    2. Vvx 601 Firmware (1) Search CVE
      1. -
    3. Uc Software (1) Search CVE
      1. 5.8.0.12848

CWE

ID Name Description Links
CWE-200 Information Exposure An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. CVE

History of changes

Date Event
2018-12-06 20:13
2018-10-30 10:29
2018-10-24 22:29

New CVE