CVE-2023-29930

CVSS V2 None CVSS V3 None

Description

An issue was found in Genesys CIC Polycom phone provisioning TFTP Server all version allows a remote attacker to execute arbitrary code via the login crednetials to the TFTP server configuration page.

Overview

CVE ID
CVE-2023-29930

Assigner
cve@mitre.org

Vulnerability Status
Awaiting Analysis

Published Version
2023-05-10T15:15:09

Last Modified Date
2023-05-10T15:26:03

References

Reference URL	Reference Tags
https://github.com/YSaxon/TFTPlunder
https://help.genesys.com/pureconnect/mergedprojects/wh_tr/mergedprojects/wh_tr_polycom_phones/desktop/configuring_the_tftp_server1.htm

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-29930
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29930

History

Created	Old Value	New Value	Data Type	Notes
2023-05-10 16:01:40				Added to TrackCVE