CVE-2019-12948
Last modified
CVE-2019-12948 is a vulnerability of currently unknown severity. A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.. EPSS estimates a 1.73% chance of exploitation in the next 30 days.
Description
A vulnerability in the web-based management interface of VVX, Trio, SoundStructure, SoundPoint, and SoundStation phones running Polycom UC Software, if exploited, could allow an authenticated, remote attacker with admin privileges to cause a denial of service (DoS) condition or execute arbitrary code.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Polycom | Unified Communications Software | < 5.8.5.1256 |
| Polycom | Unified Communications Software | >= 5.9.3, < 5.9.3.2857 |
| Polycom | Unified Communications Software | >= 6.0.0, < 6.0.0.4839 |
| Polycom | United Communications Software | < 5.9.0 |
| Polycom | United Communications Software | < 4.0.14.1580 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-12948?
How severe is CVE-2019-12948?
How do I fix CVE-2019-12948?
Are you affected by CVE-2019-12948?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST