Vulnerabilities

CVE-2021-41322

October 13, 2021

Poly VVX 400/410 through 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process.

Summary:

Poly VVX 400/410 through 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to 120 during the password reset process.

Reference Links(if available):

https://support.polycom.com/content/support.html

https://packetstormsecurity.com/files/140753/Polycom-VVX-Web-Interface-Privilege-Escalation.html

CVSS Score (if available)

v2: / HIGH

v3: /

Links to Exploits(if available)

Tags: CVE, CVE-2021-41322, MISC, Vendor Advisory, vulnerability

CVE-2021-41322

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

Piping Rock – 2,103,100 breached accounts

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and Partners Release Advisory on Akira Ransomware

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Piping Rock – 2,103,100 breached accounts

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: CISA and Partners Release Advisory on Akira Ransomware

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: Cisco Releases Security Advisories for Cisco Integrated Management Controller