{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-30T01:09:19.859","vulnerabilities":[{"cve":{"id":"CVE-2017-12857","sourceIdentifier":"cve@mitre.org","published":"2017-08-25T19:29:00.270","lastModified":"2026-06-17T01:04:02.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. This vulnerability could allow an authenticated remote attacker to read a segment of the phone's memory which could contain an administrator's password or other sensitive information."},{"lang":"es","value":"Polycom SoundStation IP, VVX, y RealPresence Trio que ejecuten software anterior a UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, o 5.6.0 se han visto afectadas por una vulnerabilidad en la aplicación web UCS. Esta vulnerabilidad podría permitir que un atacante remoto autenticado leyese un segmento de la memoria del teléfono, el cual podría contener una contraseña de administrador u otro tipo de información sensible."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*","versionEndIncluding":"4.0.11","matchCriteriaId":"499B2603-7408-4EC4-9176-CF36DCAC2D5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:polycom:soundstation_ip:-:*:*:*:*:*:*:*","matchCriteriaId":"D084EA08-E7A4-415E-803F-11E7BA1119AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*","versionEndIncluding":"5.4.6","matchCriteriaId":"67FF91FF-524B-43F9-993A-6A67596CDE8F"},{"vulnerable":true,"criteria":"cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*","versionEndIncluding":"5.5.1","matchCriteriaId":"10B74669-87A8-4639-A814-2B09B782C064"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:polycom:vvx:-:*:*:*:*:*:*:*","matchCriteriaId":"FBC78465-4DD8-42E7-84A5-DB8153659E97"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:polycom:unified_communications_software:*:*:*:*:*:*:*:*","versionEndIncluding":"5.4.4","matchCriteriaId":"0C4D4484-464C-44DF-8974-376A1F73CC05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:polycom:realpresence_trio:-:*:*:*:*:*:*:*","matchCriteriaId":"DB194641-9EC3-4B52-BAC8-2BB3C1C67F3B"}]}]}],"references":[{"url":"http://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-information-disclosure-on-polycom-voice-products-v1.0.pdf","source":"cve@mitre.org","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1039309","source":"cve@mitre.org"},{"url":"http://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-information-disclosure-on-polycom-voice-products-v1.0.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1039309","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}