CVE-2011-2762
LifeSize Room Appliance Software - Authentication Bypass via AMF Data in gateway.php
Title source: llmDescription
The web interface on the LifeSize Room appliance LS_RM1_3.5.3 (11) allows remote attackers to bypass authentication via unspecified data associated with a "true" authentication status, related to AMF data and the LSRoom_Remoting.authenticate function in gateway.php.
References (6)
Core 6
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/49330
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/69445
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/519463/100/0/threaded
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/213486
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/8364
Exploit x_refsource_misc
http://www.securestate.com/Documents/LifeSize_Room_Advisory.txt
Scores
EPSS
0.0227
EPSS Percentile
80.8%
Details
CWE
CWE-287
Status
published
Products (1)
lifesize/lifesize_room_appliance_software
ls_rm1_3.5.3
Published
Sep 02, 2011
Tracked Since
Feb 18, 2026