CVE-2002-0628
HIGHPolycom ViewStation < 7.2.4 - Unauthenticated Brute Force Attack via Telnet Service
Title source: llmDescription
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
References (6)
Core 6
Core References
Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/5635
Broken Link, Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/9349.php
Broken Link third-party-advisory
x_refsource_iss
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089
Product x_refsource_confirm
http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdf
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44241
Broken Link, Patch, Vendor Advisory third-party-advisory
government-resource
x_refsource_ciac
http://www.ciac.org/ciac/bulletins/m-123.shtml
Scores
CVSS v3
7.5
EPSS
0.0219
EPSS Percentile
80.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-307
Status
published
Products (15)
polycom/viewstation_128
6.5.1
polycom/viewstation_128
7.2
polycom/viewstation_512
6.5.1
polycom/viewstation_512
7.2
polycom/viewstation_dcp
6.5.1
polycom/viewstation_dcp
7.2
polycom/viewstation_fx_vs4000
4.1.5
polycom/viewstation_h.323
6.5.1
polycom/viewstation_h.323
7.2
polycom/viewstation_mp
6.5.1
... and 5 more
Published
Jan 07, 2003
Tracked Since
Feb 18, 2026