CVE-2015-4683

critical

Description

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.

References

https://support.polycom.com/global/documents/support/documentation/Security_Center_Post_for_RPRM_CVEs.pdf

http://www.securityfocus.com/bid/75432

http://www.securityfocus.com/archive/1/535852/100/0/threaded

Details

Source: Mitre, NVD

Published: 2017-09-19

Updated: 2026-05-13

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.06873