CVE-2018-10946

MEDIUM

Polycom RealPresence Debut Firmware < 1.3.0-66872 - Unauthenticated Exposure of Admin Password via Web UI

Title source: llm
STIX 2.1

Description

An issue was discovered in versions earlier than 1.3.0-66872 for Polycom RealPresence Debut that allows attackers to arbitrarily read the admin user's password via the admin web UI.

Scores

CVSS v3 6.8
EPSS 0.0049
EPSS Percentile 38.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-200
Status published
Products (1)
polycom/realpresence_debut_firmware < 1.3.0-66872
Published Jun 13, 2019
Tracked Since Feb 18, 2026