Lucene search
PRIOn knowledge basePRION:CVE-2010-0214HistoryJan 12, 2011 - 1:00 a.m.
Design/Logic Flaw
2011-01-1201:00:00
PRIOn knowledge base
www.prio-n.com
2
The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| roomwizard_firmware | eq | 3.2.3 |
Related
cvelist
cvelist
CVE-2010-0214
2011-01-12 00:00:00
CVE-2011-0423
2011-01-12 00:00:00
nvd
nvd
CVE-2010-0214
2011-01-12 01:00:01
CVE-2011-0423
2011-01-12 01:00:02
cve
cve
CVE-2010-0214
2011-01-12 01:00:01
CVE-2011-0423
2011-01-12 01:00:02
packetstorm
packetstorm
RoomWizard Credential Disclosure
2011-01-06 00:00:00
cert
cert
prion
prion
Default credentials
2011-01-12 01:00:00