ID
VAR-201303-0457
TITLE
Polycom HDX Series SQL Injection Vulnerability
Trust: 0.9
sources:
BID: 58526 //
CNNVD: CNNVD-201303-339
DESCRIPTION
Polycom HDX Series devices are prone to an SQL-injection vulnerability because they fail to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an authenticated attacker to compromise the affected device, access or modify data, or exploit latent vulnerabilities in the underlying database.
Trust: 0.3
sources:
BID: 58526
AFFECTED PRODUCTS
| vendor: | polycom | model: | hdx | scope: | eq | version: | 90000 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | eq | version: | 80000 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | eq | version: | 70000 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | eq | version: | 60000 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | eq | version: | 40000 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | ne | version: | 90003.1.12 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | ne | version: | 80003.1.12 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | ne | version: | 70003.1.12 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | ne | version: | 60003.1.12 | Trust: 0.3 |
| vendor: | polycom | model: | hdx | scope: | ne | version: | 40003.1.12 | Trust: 0.3 |
sources:
BID: 58526
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-201303-339
TYPE
SQL injection
Trust: 0.6
sources:
CNNVD: CNNVD-201303-339
EXTERNAL IDS
| db: | BID | id: | 58526 | Trust: 0.9 |
| db: | CNNVD | id: | CNNVD-201303-339 | Trust: 0.6 |
sources:
BID: 58526 //
CNNVD: CNNVD-201303-339
REFERENCES
| url: | http://www.securityfocus.com/bid/58526 | Trust: 0.6 |
| url: | http://seclists.org/bugtraq/2013/mar/98 | Trust: 0.3 |
| url: | http://www.polycom.com/ | Trust: 0.3 |
sources:
BID: 58526 //
CNNVD: CNNVD-201303-339
CREDITS
Moritz Jodeit of n.runs AG
Trust: 0.9
sources:
BID: 58526 //
CNNVD: CNNVD-201303-339
SOURCES
| db: | BID | id: | 58526 |
| db: | CNNVD | id: | CNNVD-201303-339 |
LAST UPDATE DATE
2022-05-17T01:43:25.548000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 58526 | date: | 2013-03-15T00:00:00 |
| db: | CNNVD | id: | CNNVD-201303-339 | date: | 2013-03-19T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 58526 | date: | 2013-03-15T00:00:00 |
| db: | CNNVD | id: | CNNVD-201303-339 | date: | 2013-03-18T00:00:00 |