mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
801 B
801 B
CVE-2018-18568
Description
Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business.
POC
Reference
- https://seclists.org/bugtraq/2018/Oct/36
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2018-027.txt
Github
No PoCs found on GitHub currently.