Vulnerability Details : CVE-2002-0628
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
Exploit prediction scoring system (EPSS) score for CVE-2002-0628
Probability of exploitation activity in the next 30 days: 0.99%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2002-0628
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2002-0628
-
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.Assigned by: nvd@nist.gov (Primary)
References for CVE-2002-0628
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/44241
Polycom ViewStation Telnet server information disclosure CVE-2002-0628 Vulnerability ReportThird Party Advisory;VDB Entry
-
http://www.iss.net/security_center/static/9349.php
Broken Link;Vendor Advisory
-
http://www.securityfocus.com/bid/5635
Broken Link;Third Party Advisory;VDB Entry;Vendor Advisory
-
http://www.ciac.org/ciac/bulletins/m-123.shtml
Broken Link;Patch;Vendor Advisory
-
http://www.polycom.com/common/pw_item_show_doc/0%2C%2C1444%2C00.pdf
Poly | Video Conferencing, Conference Phones & Headsets | Poly, formerly Plantronics & PolycomProduct
- http://www.polycom.com/common/pw_item_show_doc/0,,1444,00.pdf
-
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21089
Broken Link
Products affected by CVE-2002-0628
- cpe:2.3:h:polycom:viewstation_128:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_128:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_512:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_512:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_dcp:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_dcp:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_fx_vs4000:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_h.323:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_h.323:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_mp:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_mp:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_sp_384:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_sp_384:6.5.1:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_v.35:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:polycom:viewstation_v.35:6.5.1:*:*:*:*:*:*:*