-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
- HP Community
- Poly Phones
- Desk and IP Conference Phones
- Trio 8800 JQuery Version 1.4.4 Vulnerability
Create an account on the HP Community to personalize your profile and ask a question
10-13-2020 11:48 AM
A recent security audit of our network found a vulnerability with our Polycom Trio 8800 w/ Visual+ devices. I've updated the latest available version: 5.9.5.2830 and the vulnerability still exists. Are there any plans to update JQuery in new versions of the phone software, or does this issue not apply to or affect the Polycom Trio phone software?
We're using Nessus with plugins dated 09/26/2020 to scan for these vulnerabilities. Nessus returns the following information:
According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.
URL : https://10.1x.xx.xx/js/jquery.js
Installed version : 1.4.4
Fixed version : 3.5.0
Solved! Go to Solution.
Accepted Solutions
10-13-2020 01:41 PM
Hello @brandoncs ,
Welcome to the Poly Community.
We are currently planning to address this in the next release for Trio planned for End of November / Early December(Subject to change). If you need official confirmation I suggest raising a ticket.
In order to raise a support ticket, you need to work with your Poly reseller as they may need to do this for you.
End Customers are usually unable to open a ticket directly with Poly support. Available End User Poly services offerings are detailed here
If this is some sort of an Internet discounter providing your MAC address or your Poly devices serial will enable us to look up who would be able to support you. This may not be who you purchased the Poly device from.
If the unit is no longer within the warranty please be prepared to Pay Per Incident / PPI. This is all outlined in detail here
Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.
Best Regards
Steffen Baier
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.
Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN
10-13-2020 01:41 PM
Hello @brandoncs ,
Welcome to the Poly Community.
We are currently planning to address this in the next release for Trio planned for End of November / Early December(Subject to change). If you need official confirmation I suggest raising a ticket.
In order to raise a support ticket, you need to work with your Poly reseller as they may need to do this for you.
End Customers are usually unable to open a ticket directly with Poly support. Available End User Poly services offerings are detailed here
If this is some sort of an Internet discounter providing your MAC address or your Poly devices serial will enable us to look up who would be able to support you. This may not be who you purchased the Poly device from.
If the unit is no longer within the warranty please be prepared to Pay Per Incident / PPI. This is all outlined in detail here
Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.
Best Regards
Steffen Baier
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.
Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN