Skip to main content

Description: We recently conducted a pentest with our network and the following items showed up as vulnerabilities on polycom devices. Please let us know how Ringcentral is addressing the vulnerabilities below:


Devices: Polycom VVX 450, Polycom ATA W60P


  1. JQuery 1.2 < 3.5.0 Multiple XSS -The remote web server is affected by multiple cross site scripting vulnerability.
  2. SSL Version 2 and 3 Protocol Detection - The remote service encrypts traffic using a protocol with known weaknesses.
  3. TLS Version 1.0 Protocol Detection-The remote service encrypts traffic using an older version of TLS.
  4. SSL Medium Strength Cipher Suites Supported (SWEET32)-The remote service supports the use of medium strength SSL ciphers.
  5. SSL Weak Cipher Suites Supported-The remote service supports the use of weak SSL ciphers.
  6. SSL RC4 Cipher Suites Supported (Bar Mitzvah)-The remote service supports the use of the RC4 cipher.
  7. IP Forwarding Enabled Polycom ATA has IP forwarding enabled.

Reply