CVE-2019-12948

A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*
cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*
cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*
OR cpe:2.3:h:polycom:vvx201:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx301:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx601:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:c16:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:c8:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:c12:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx150:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx350:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx401:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx411:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx450:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx311:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx501:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx250:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:polycom:united_communications_software:*:*:*:*:*:*:*:*
OR cpe:2.3:h:polycom:trio_8500:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:trio_8800:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:polycom:united_communications_software:*:*:*:*:*:*:*:*
OR cpe:2.3:h:polycom:soundpoint_ip_321:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_335:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_600:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_650:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation2_avaya_2490:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_duo:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_450:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_500:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_501:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_550:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_ip_5000:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_300:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_301:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_320:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_330:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_331:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_430:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_560:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_601:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_ip_670:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_pro_se-220:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundpoint_pro_se-225:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation2:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation2w:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_vtx_1000:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation2_direct_connect_for_nortel:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_ip_4000:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_ip_6000:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_ip_7000:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:soundstation_ip_7000_video_integration:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*
cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*
OR cpe:2.3:h:polycom:vvx500:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx300:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx310:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx400:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx410:-:*:*:*:*:*:*:*
cpe:2.3:h:polycom:vvx600:-:*:*:*:*:*:*:*

Information

Published : 2019-07-29 09:15

Updated : 2019-08-06 10:11


NVD link : CVE-2019-12948

Mitre link : CVE-2019-12948


JSON object : View

CWE
CWE-749

Exposed Dangerous Method or Function

Advertisement

dedicated server usa

Products Affected

polycom

  • c12
  • soundpoint_ip_335
  • soundpoint_pro_se-225
  • soundpoint_ip_670
  • vvx401
  • vvx501
  • soundpoint_ip_331
  • soundstation2
  • unified_communications_software
  • soundpoint_ip_321
  • soundstation_vtx_1000
  • vvx600
  • vvx400
  • soundpoint_ip_500
  • soundstation_ip_4000
  • vvx601
  • soundpoint_ip_330
  • vvx411
  • c16
  • soundpoint_ip_600
  • vvx311
  • soundstation_ip_7000
  • vvx410
  • trio_8500
  • soundpoint_ip_320
  • soundpoint_ip_300
  • soundpoint_ip_501
  • soundstation_ip_5000
  • soundpoint_ip_560
  • vvx250
  • soundstation_ip_6000
  • soundpoint_ip_550
  • soundpoint_ip_450
  • united_communications_software
  • vvx301
  • soundstation2_avaya_2490
  • soundpoint_ip_301
  • vvx500
  • soundstation_duo
  • vvx201
  • soundstation_ip_7000_video_integration
  • trio_8800
  • vvx310
  • soundpoint_pro_se-220
  • vvx150
  • soundpoint_ip_601
  • vvx300
  • vvx450
  • soundpoint_ip_650
  • vvx350
  • c8
  • soundstation2w
  • soundstation2_direct_connect_for_nortel
  • soundpoint_ip_430