This page lists publicly disclosed CVE vulnerabilities affecting polycom realpresence_resource_manager (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2015-4685 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration. | [email protected] | 7.0 | 0.19% | 2017-09-19 | 2026-05-13 |
| CVE-2015-4684 | Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modifier parameter to PlcmRmWeb/FileDownload; or remote authenticated administrators to upload arbitrary files via the (2) Filename or (3) SE_FNAME parameter to PlcmRmWeb/FileUpload or to read and remove arbitrary files via the (4) filePathName parameter in an importSipUriReservations SOAP request to Plc | [email protected] | 6.5 | 11.36% | 2017-09-19 | 2026-05-13 |
| CVE-2015-4683 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters with HTTP GET requests. | [email protected] | 9.8 | 34.31% | 2017-09-19 | 2026-05-13 |
| CVE-2015-4682 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager. | [email protected] | 6.5 | 12.34% | 2017-09-19 | 2026-05-13 |
| CVE-2015-4681 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords. | [email protected] | 7.8 | 0.52% | 2017-09-19 | 2026-05-13 |