• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
The Poly Phones Knowledge Base is live! We look forward to helping you with common issues and troubleshooting advice!
HP Recommended

A recent security audit of our network found a vulnerability with our Polycom Trio 8800 w/ Visual+ devices. I've updated the latest available version: 5.9.5.2830 and the vulnerability still exists. Are there any plans to update JQuery in new versions of the phone software, or does this issue not apply to or affect the Polycom Trio phone software?

 

We're using Nessus with plugins dated 09/26/2020 to scan for these vulnerabilities. Nessus returns the following information:

 

According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities.

  URL               : https://10.1x.xx.xx/js/jquery.js

  Installed version : 1.4.4

  Fixed version     : 3.5.0

1 ACCEPTED SOLUTION

Accepted Solutions
HP Recommended

Hello @brandoncs ,

 

Welcome to the Poly Community.

We are currently planning to address this in the next release for Trio planned for End of November / Early December(Subject to change). If you need official confirmation I suggest raising a ticket.


In order to raise a support ticket, you need to work with your Poly reseller as they may need to do this for you.

End Customers are usually unable to open a ticket directly with Poly support. Available End User Poly services offerings are detailed here

If this is some sort of an Internet discounter providing your MAC address or your Poly devices serial will enable us to look up who would be able to support you. This may not be who you purchased the Poly device from.

If the unit is no longer within the warranty please be prepared to Pay Per Incident / PPI. This is all outlined in detail here


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

------------------------------------------------
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.

Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN

View solution in original post

1 REPLY 1
HP Recommended

Hello @brandoncs ,

 

Welcome to the Poly Community.

We are currently planning to address this in the next release for Trio planned for End of November / Early December(Subject to change). If you need official confirmation I suggest raising a ticket.


In order to raise a support ticket, you need to work with your Poly reseller as they may need to do this for you.

End Customers are usually unable to open a ticket directly with Poly support. Available End User Poly services offerings are detailed here

If this is some sort of an Internet discounter providing your MAC address or your Poly devices serial will enable us to look up who would be able to support you. This may not be who you purchased the Poly device from.

If the unit is no longer within the warranty please be prepared to Pay Per Incident / PPI. This is all outlined in detail here


Please ensure to provide some feedback if this reply has helped you so other users can profit from your experience.

Best Regards

Steffen Baier

------------------------------------------------
Notice: I am an HP Poly employee but all replies within the community are done as a volunteer outside of my day role. This community forum is not an official HP Poly support resource, thus responses from HP Poly employees, partners, and customers alike are best-effort in attempts to share learned knowledge.
If you need immediate and/or official assistance for former Poly\Plantronics\Polycom please open a service ticket through your support channels
For HP products please check HP Support.

Please also ensure you always check the General VoIP , Video Endpoint , UC Platform (Microsoft) , PSTN
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.