7.5
CVE-2002-0628
- EPSS 2.19%
- Veröffentlicht 07.01.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Polycom ≫ Viewstation 128 Version6.5.1
Polycom ≫ Viewstation 128 Version7.2
Polycom ≫ Viewstation 512 Version6.5.1
Polycom ≫ Viewstation 512 Version7.2
Polycom ≫ Viewstation Dcp Version6.5.1
Polycom ≫ Viewstation Dcp Version7.2
Polycom ≫ Viewstation Fx Vs4000 Version4.1.5
Polycom ≫ Viewstation H.323 Version6.5.1
Polycom ≫ Viewstation H.323 Version7.2
Polycom ≫ Viewstation Mp Version6.5.1
Polycom ≫ Viewstation Mp Version7.2
Polycom ≫ Viewstation Sp 384 Version6.5.1
Polycom ≫ Viewstation Sp 384 Version7.2
Polycom ≫ Viewstation V.35 Version6.5.1
Polycom ≫ Viewstation V.35 Version7.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.19% | 0.801 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-307 Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089
http://www.ciac.org/ciac/bulletins/m-123.shtml
http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdf
http://www.iss.net/security_center/static/9349.php
http://www.securityfocus.com/bid/5635
https://exchange.xforce.ibmcloud.com/vulnerabilities/44241