CVE-2010-0214 : The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory

The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.

Published 2011-01-12 01:00:01

Updated 2017-08-17 01:31:56

Source CERT/CC

View at NVD, CVE.org

Vulnerability category: Information leak

Exploit prediction scoring system (EPSS) score for CVE-2010-0214

Probability of exploitation activity in the next 30 days: 1.41%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 85 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-0214

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

CWE ids for CVE-2010-0214

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-0214

https://exchange.xforce.ibmcloud.com/vulnerabilities/64543

RoomWizard password security bypass CVE-2010-0214 Vulnerability Report

CVEs referencing this url
http://packetstormsecurity.org/files/view/97291/roomwizard-disclose.txt

RoomWizard Credential Disclosure ≈ Packet Storm
Exploit

CVEs referencing this url
http://www.securityfocus.com/bid/45699

RoomWizard Default Password Security Bypass And Information Disclosure Vulnerabilities

CVEs referencing this url
http://www.vupen.com/english/advisories/2011/0059

Webmail | OVH- OVH
Vendor Advisory

CVEs referencing this url
http://www.kb.cert.org/vuls/id/870601

VU#870601 - PolyVision RoomWizard insecurely stores Sync Connector Active Directory credentials and uses default administrative password
US Government Resource

CVEs referencing this url
http://seclists.org/fulldisclosure/2011/Jan/58

Full Disclosure: RoomWizard Default Password and Sync Connector Credential Leak [CVE-2010-0214]
Exploit

CVEs referencing this url

Products affected by CVE-2010-0214

Polyvision » Roomwizard Firmware » Version: 3.2.3
cpe:2.3:a:polyvision:roomwizard_firmware:3.2.3:*:*:*:*:*:*:*
Matching versions
Polyvision » Roomwizard
cpe:2.3:h:polyvision:roomwizard:*:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-0214

Exploit prediction scoring system (EPSS) score for CVE-2010-0214

CVSS scores for CVE-2010-0214

CWE ids for CVE-2010-0214

References for CVE-2010-0214

Products affected by CVE-2010-0214