Session Identifier Exposure and Privilege Escalation in Polycom RealPresence Resource Manager (RPRM)

Session Identifier Exposure and Privilege Escalation in Polycom RealPresence Resource Manager (RPRM)

CVE-2015-4683 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests.

Learn more about our Web Application Penetration Testing UK.