CVE-2012-4970
Last modified
CVE-2012-4970 is a vulnerability of currently unknown severity. Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.. EPSS estimates a 1.15% chance of exploitation in the next 30 days.
Description
Cross-site scripting (XSS) vulnerability in the web management interface on Polycom HDX Video End Points with UC APL software before 2.7.1.1_J, and commercial software before 3.0.5, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Polycom | Hdx System Software | <= 2.7.1_j |
| Polycom | Hdx System Software | 2.0.5_j |
| Polycom | Hdx System Software | 2.5.0.7 |
| Polycom | Hdx System Software | 2.5.0.7_g |
| Polycom | Hdx System Software | 2.6.1 |
| Polycom | Hdx System Software | 2.6.1.3 |
| Polycom | Hdx System Software | 2.7.0_j |
| Polycom | Hdx System Software | <= 3.0.4 |
| Polycom | Hdx System Software | 3.0.0 |
| Polycom | Hdx System Software | 3.0.0.1 |
| Polycom | Hdx System Software | 3.0.0.2 |
| Polycom | Hdx System Software | 3.0.1 |
| Polycom | Hdx System Software | 3.0.2 |
| Polycom | Hdx System Software | 3.0.3 |
| Polycom | Hdx System Software | 3.0.3.1 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2012-4970?
How severe is CVE-2012-4970?
How do I fix CVE-2012-4970?
Are you affected by CVE-2012-4970?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST