CVE-2010-2291

Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NOTE: some of these details are obtained from third party information.

CVSS v2.0 3.3 LOW

3.3^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://osvdb.org/65383
http://secunia.com/advisories/37635	Vendor Advisory
http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35
http://www.securityfocus.com/bid/40771
https://exchange.xforce.ibmcloud.com/vulnerabilities/59342
http://osvdb.org/65383
http://secunia.com/advisories/37635	Vendor Advisory
http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35
http://www.securityfocus.com/bid/40771
https://exchange.xforce.ibmcloud.com/vulnerabilities/59342

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:snom:voip_phone_firmware:8.0.11:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.0.12:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.0.13:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.1.1:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.1.2:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.1.3:::::::*
	cpe:2.3:a:snom:voip_phone_firmware:8.2.1:::::::*
	cpe:2.3:a:snom:voip_phone_firmware:8.2.2:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.3:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.4:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.5:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.6:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.7:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.8:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.9:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.10:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.11:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.16:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.17:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.18:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.19:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.20:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.21:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.22:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.23:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.24:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.25:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.26:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.27:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.28:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.29:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.30:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.31:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.32:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.33:beta::::::
	cpe:2.3:a:snom:voip_phone_firmware:8.2.34:beta::::::

History

21 Nov 2024, 01:16

Type	Values Removed	Values Added
References	~~() http://osvdb.org/65383 -~~	() http://osvdb.org/65383 -
References	~~() http://secunia.com/advisories/37635 - Vendor Advisory~~	() http://secunia.com/advisories/37635 - Vendor Advisory
References	~~() http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35 -~~	() http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35 -
References	~~() http://www.securityfocus.com/bid/40771 -~~	() http://www.securityfocus.com/bid/40771 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/59342 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/59342 -

Information

Published : 2010-06-15 14:04

Updated : 2024-11-21 01:16

NVD link : CVE-2010-2291

Mitre link : CVE-2010-2291

CVE.ORG link : CVE-2010-2291

JSON object : View

Products Affected

snom

voip_phone_firmware

CWE

CWE-264

Permissions, Privileges, and Access Controls

NVD-CWE-noinfo

3.3 /10