Vulnerability Description
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Polycom | Viewstation 128 | 6.5.1 |
| Polycom | Viewstation 512 | 6.5.1 |
| Polycom | Viewstation Dcp | 6.5.1 |
| Polycom | Viewstation Fx Vs4000 | 4.1.5 |
| Polycom | Viewstation H.323 | 6.5.1 |
| Polycom | Viewstation Mp | 6.5.1 |
| Polycom | Viewstation Sp 384 | 6.5.1 |
| Polycom | Viewstation V.35 | 6.5.1 |
Related Weaknesses (CWE)
References
- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089Broken Link
- http://www.ciac.org/ciac/bulletins/m-123.shtmlBroken LinkPatchVendor Advisory
- http://www.iss.net/security_center/static/9349.phpBroken LinkVendor Advisory
- http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdfProduct
- http://www.securityfocus.com/bid/5635Broken LinkThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44241Third Party AdvisoryVDB Entry
- http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089Broken Link
- http://www.ciac.org/ciac/bulletins/m-123.shtmlBroken LinkPatchVendor Advisory
- http://www.iss.net/security_center/static/9349.phpBroken LinkVendor Advisory
- http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdfProduct
- http://www.securityfocus.com/bid/5635Broken LinkThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44241Third Party AdvisoryVDB Entry
FAQ
What is CVE-2002-0628?
CVE-2002-0628 is a vulnerability with a CVSS score of 7.5 (HIGH). The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute f...
How severe is CVE-2002-0628?
CVE-2002-0628 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0628?
Check the references section above for vendor advisories and patch information. Affected products include: Polycom Viewstation 128, Polycom Viewstation 512, Polycom Viewstation Dcp, Polycom Viewstation Fx Vs4000, Polycom Viewstation H.323.