CVE-2018-18568

Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt