CVE-2010-1040 : The "IP address range limitation" function in OpenPNE 1.6 through 1.8, 2.0 throu

The "IP address range limitation" function in OpenPNE 1.6 through 1.8, 2.0 through 2.8, 2.10 through 2.14, and 3.0 through 3.4, when mobile device support is enabled, allows remote attackers to bypass the "simple login" functionality via unknown vectors related to spoofing.

Published 2010-03-23 18:30:00

Updated 2025-04-11 00:51:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2010-1040

Tejimaya » Openpne » Version: 1.6
cpe:2.3:a:tejimaya:openpne:1.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.8
cpe:2.3:a:tejimaya:openpne:2.4.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.8.1
cpe:2.3:a:tejimaya:openpne:2.4.8.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.0
cpe:2.3:a:tejimaya:openpne:2.5.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.1
cpe:2.3:a:tejimaya:openpne:2.5.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.6.1
cpe:2.3:a:tejimaya:openpne:2.6.6.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.6
cpe:2.3:a:tejimaya:openpne:2.6.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.7
cpe:2.3:a:tejimaya:openpne:2.6.7:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.8
cpe:2.3:a:tejimaya:openpne:2.6.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.2
cpe:2.3:a:tejimaya:openpne:2.10.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.3
cpe:2.3:a:tejimaya:openpne:2.10.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.4.2
cpe:2.3:a:tejimaya:openpne:2.10.4.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.4.1
cpe:2.3:a:tejimaya:openpne:2.10.4.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.4
cpe:2.3:a:tejimaya:openpne:2.10.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.2
cpe:2.3:a:tejimaya:openpne:2.11.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.3.1
cpe:2.3:a:tejimaya:openpne:2.11.3.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.3
cpe:2.3:a:tejimaya:openpne:2.11.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.4
cpe:2.3:a:tejimaya:openpne:2.11.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.8
cpe:2.3:a:tejimaya:openpne:2.12.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.9
cpe:2.3:a:tejimaya:openpne:2.12.9:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.10
cpe:2.3:a:tejimaya:openpne:2.12.10:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.11
cpe:2.3:a:tejimaya:openpne:2.12.11:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.3
cpe:2.3:a:tejimaya:openpne:2.13.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.2
cpe:2.3:a:tejimaya:openpne:2.13.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.1
cpe:2.3:a:tejimaya:openpne:2.13.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.0
cpe:2.3:a:tejimaya:openpne:2.13.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.3.0
cpe:2.3:a:tejimaya:openpne:2.3.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.3.3
cpe:2.3:a:tejimaya:openpne:2.3.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.3
cpe:2.3:a:tejimaya:openpne:2.4.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.6
cpe:2.3:a:tejimaya:openpne:2.4.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.3
cpe:2.3:a:tejimaya:openpne:2.5.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.5
cpe:2.3:a:tejimaya:openpne:2.5.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.4
cpe:2.3:a:tejimaya:openpne:2.6.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.6.2
cpe:2.3:a:tejimaya:openpne:2.6.6.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.9
cpe:2.3:a:tejimaya:openpne:2.6.9:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.11.1
cpe:2.3:a:tejimaya:openpne:2.6.11.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.0
cpe:2.3:a:tejimaya:openpne:2.10.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.1
cpe:2.3:a:tejimaya:openpne:2.10.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.5
cpe:2.3:a:tejimaya:openpne:2.10.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.7
cpe:2.3:a:tejimaya:openpne:2.10.7:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.12
cpe:2.3:a:tejimaya:openpne:2.10.12:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.4
cpe:2.3:a:tejimaya:openpne:2.4.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.5
cpe:2.3:a:tejimaya:openpne:2.11.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.7
cpe:2.3:a:tejimaya:openpne:2.11.7:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.4
cpe:2.3:a:tejimaya:openpne:2.12.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.6
cpe:2.3:a:tejimaya:openpne:2.12.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.12
cpe:2.3:a:tejimaya:openpne:2.12.12:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.14.1
cpe:2.3:a:tejimaya:openpne:2.12.14.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.7
cpe:2.3:a:tejimaya:openpne:2.13.7:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.5
cpe:2.3:a:tejimaya:openpne:2.13.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.3.4
cpe:2.3:a:tejimaya:openpne:2.3.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.0
cpe:2.3:a:tejimaya:openpne:2.4.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.1
cpe:2.3:a:tejimaya:openpne:2.4.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.2
cpe:2.3:a:tejimaya:openpne:2.4.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.6
cpe:2.3:a:tejimaya:openpne:2.5.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.8
cpe:2.3:a:tejimaya:openpne:2.5.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.0
cpe:2.3:a:tejimaya:openpne:2.6.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.1
cpe:2.3:a:tejimaya:openpne:2.6.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.2
cpe:2.3:a:tejimaya:openpne:2.6.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.7.1
cpe:2.3:a:tejimaya:openpne:2.7.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.7.2
cpe:2.3:a:tejimaya:openpne:2.7.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.7.3
cpe:2.3:a:tejimaya:openpne:2.7.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.7.4
cpe:2.3:a:tejimaya:openpne:2.7.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.8
cpe:2.3:a:tejimaya:openpne:2.10.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.9
cpe:2.3:a:tejimaya:openpne:2.10.9:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.10
cpe:2.3:a:tejimaya:openpne:2.10.10:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.11
cpe:2.3:a:tejimaya:openpne:2.10.11:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.17.1
cpe:2.3:a:tejimaya:openpne:2.12.17.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.7
cpe:2.3:a:tejimaya:openpne:2.12.7:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.1
cpe:2.3:a:tejimaya:openpne:2.12.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.2
cpe:2.3:a:tejimaya:openpne:2.12.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.15
cpe:2.3:a:tejimaya:openpne:2.12.15:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.16
cpe:2.3:a:tejimaya:openpne:2.12.16:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.17
cpe:2.3:a:tejimaya:openpne:2.12.17:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.18
cpe:2.3:a:tejimaya:openpne:2.12.18:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 1.8
cpe:2.3:a:tejimaya:openpne:1.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.3.1
cpe:2.3:a:tejimaya:openpne:2.3.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.5
cpe:2.3:a:tejimaya:openpne:2.4.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.4.7
cpe:2.3:a:tejimaya:openpne:2.4.7:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.2
cpe:2.3:a:tejimaya:openpne:2.5.2:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.5.4
cpe:2.3:a:tejimaya:openpne:2.5.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.3
cpe:2.3:a:tejimaya:openpne:2.6.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.5
cpe:2.3:a:tejimaya:openpne:2.6.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.6.10
cpe:2.3:a:tejimaya:openpne:2.6.10:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.7.0
cpe:2.3:a:tejimaya:openpne:2.7.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.8.0
cpe:2.3:a:tejimaya:openpne:2.8.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.13.1
cpe:2.3:a:tejimaya:openpne:2.10.13.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.5.1
cpe:2.3:a:tejimaya:openpne:2.10.5.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.6
cpe:2.3:a:tejimaya:openpne:2.10.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.10.13
cpe:2.3:a:tejimaya:openpne:2.10.13:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.1
cpe:2.3:a:tejimaya:openpne:2.11.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.5.1
cpe:2.3:a:tejimaya:openpne:2.11.5.1:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.11.6
cpe:2.3:a:tejimaya:openpne:2.11.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.0
cpe:2.3:a:tejimaya:openpne:2.12.0:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.3
cpe:2.3:a:tejimaya:openpne:2.12.3:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.5
cpe:2.3:a:tejimaya:openpne:2.12.5:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.13
cpe:2.3:a:tejimaya:openpne:2.12.13:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.12.14
cpe:2.3:a:tejimaya:openpne:2.12.14:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.8
cpe:2.3:a:tejimaya:openpne:2.13.8:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.6
cpe:2.3:a:tejimaya:openpne:2.13.6:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.13.4
cpe:2.3:a:tejimaya:openpne:2.13.4:*:*:*:*:*:*:*
Matching versions
Tejimaya » Openpne » Version: 2.14.0
cpe:2.3:a:tejimaya:openpne:2.14.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2010-1040

EPSS FAQ

0.24%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 45 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2010-1040

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:N	8.6	4.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2010-1040

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-1040

http://jvn.jp/en/jp/JVN06874657/index.html

JVN#06874657 OpenPNE authentication bypass vulnerability
http://www.ipa.go.jp/security/vuln/alert/201003_openpne.html

脆弱性対策 : 「OpenPNE」におけるセキュリティ上の弱点（脆弱性）の注意喚起：IPA 独立行政法人情報処理推進機構
http://secunia.com/advisories/38857

Sign in
Vendor Advisory
http://www.openpne.jp/archives/4612/

【緊急リリース】携帯版かんたんログインの不備によりなりすましがおこなわれてしまう問題について｜OpenPNE
Vendor Advisory
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000006.html

JVNDB-2010-000006 - JVN iPedia - 脆弱性対策情報データベース

Jump to

Vulnerability Details : CVE-2010-1040

Products affected by CVE-2010-1040

Exploit prediction scoring system (EPSS) score for CVE-2010-1040

CVSS scores for CVE-2010-1040

CWE ids for CVE-2010-1040

References for CVE-2010-1040