Privilege Escalation via Sudo Misconfiguration in Polycom RealPresence Resource Manager (RPRM)

Privilege Escalation via Sudo Misconfiguration in Polycom RealPresence Resource Manager (RPRM)

CVE-2015-4685 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration.

Learn more about our User Device Pen Test.