CVE-2010-2291

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-2291
Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NOTE: some of these details are obtained from third party information.

3.3 /10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:A/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://osvdb.org/65383
http://secunia.com/advisories/37635 Vendor Advisory
http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35
http://www.securityfocus.com/bid/40771
https://exchange.xforce.ibmcloud.com/vulnerabilities/59342
http://osvdb.org/65383
http://secunia.com/advisories/37635 Vendor Advisory
http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35
http://www.securityfocus.com/bid/40771
https://exchange.xforce.ibmcloud.com/vulnerabilities/59342
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:snom:voip_phone_firmware:8.0.11:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.0.12:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.0.13:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.1.1:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.1.2:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.1.3:*:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.1:*:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.2:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.3:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.4:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.5:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.6:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.7:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.8:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.9:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.10:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.11:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.16:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.17:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.18:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.19:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.20:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.21:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.22:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.23:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.24:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.25:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.26:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.27:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.28:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.29:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.30:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.31:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.32:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.33:beta:*:*:*:*:*:*
cpe:2.3:a:snom:voip_phone_firmware:8.2.34:beta:*:*:*:*:*:*
History

No history.

Information

Published : 2010-06-15 14:04

Updated : 2025-04-11 00:51

NVD link : CVE-2010-2291

Mitre link : CVE-2010-2291

CVE.ORG link : CVE-2010-2291

JSON object : View

Products Affected

snom

  • voip_phone_firmware
CWE
CWE-264

Permissions, Privileges, and Access Controls

NVD-CWE-noinfo