Vulnerability Description
Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Polycom | Realpresence Web Suite | < 2.2.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/104524Third Party AdvisoryVDB Entry
- https://support.polycom.com/content/dam/polycom-support/global/documentation/secMitigationVendor Advisory
- http://www.securityfocus.com/bid/104524Third Party AdvisoryVDB Entry
- https://support.polycom.com/content/dam/polycom-support/global/documentation/secMitigationVendor Advisory
FAQ
What is CVE-2018-12592?
CVE-2018-12592 is a vulnerability with a CVSS score of 7.5 (HIGH). Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). ...
How severe is CVE-2018-12592?
CVE-2018-12592 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-12592?
Check the references section above for vendor advisories and patch information. Affected products include: Polycom Realpresence Web Suite.