Description: We recently conducted a pentest with our network and the following items showed up as vulnerabilities on polycom devices. Please let us know how Ringcentral is addressing the vulnerabilities below:
Devices: Polycom VVX 450, Polycom ATA W60P
- JQuery 1.2 < 3.5.0 Multiple XSS -The remote web server is affected by multiple cross site scripting vulnerability.
- SSL Version 2 and 3 Protocol Detection - The remote service encrypts traffic using a protocol with known weaknesses.
- TLS Version 1.0 Protocol Detection-The remote service encrypts traffic using an older version of TLS.
- SSL Medium Strength Cipher Suites Supported (SWEET32)-The remote service supports the use of medium strength SSL ciphers.
- SSL Weak Cipher Suites Supported-The remote service supports the use of weak SSL ciphers.
- SSL RC4 Cipher Suites Supported (Bar Mitzvah)-The remote service supports the use of the RC4 cipher.
- IP Forwarding Enabled Polycom ATA has IP forwarding enabled.