Information Disclosure Vulnerability in Polycom VVX 500 and 601 Devices with Skype for Business Integration

CVE-2018-18566 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business.

Learn more about our Web Application Penetration Testing UK.