ID

VAR-201101-0011


CVE

CVE-2010-0214


TITLE

PolyVision RoomWizard insecurely stores Sync Connector Active Directory credentials and uses default administrative password

Trust: 0.8

sources: CERT/CC: VU#870601

DESCRIPTION

The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI. The PolyVision RoomWizard web-based scheduling system with touch screen display contains two vulnerabilities that allow an unauthorized user to access the device console and Sync Connector Active Directory credentials. A remote third party who accesses the PolyVision RoomWizard admin interface may be able to obtain Active Directory credentials. PolyVision RoomWizard is a web-based conference room reservation system. Sync Connector is a RoomWizard function for linking with Microsoft Exchange in a Microsoft Windows Active Directory (AD) environment. The PolyVision RoomWizard admin interface is vulnerable to a leak of the Active Directory password used by Sync Connector. Also, the factory-default administrative account information used to access PolyVision RoomWizard over HTTP may be obtained by a third party. A remote third party could steal the AD credentials. Also, the settings of this product may be changed. RoomWizard is prone to a security-bypass vulnerability and an information-disclosure vulnerability. Successfully exploiting these issues allows attackers to gain access to the application; other attacks may also be possible.

Trust: 2.7

sources: NVD: CVE-2010-0214 // CERT/CC: VU#870601 // JVNDB: JVNDB-2011-001024 // BID: 45699 // VULHUB: VHN-42819

AFFECTED PRODUCTS

vendor: polyvision // model: roomwizard // scope: eq // version: 3.2.3

Trust: 1.6

vendor: polyvision // model: roomwizard // scope: eq // version: *

Trust: 1.0

vendor: polyvision // model: - // scope: - // version: -

Trust: 0.8

vendor: polyvision // model: roomwizard // scope: eq // version: version 3.2.3

Trust: 0.8

vendor: interactive // model: media link roomwizard // scope: eq // version: 0

Trust: 0.3

sources: CERT/CC: VU#870601 // BID: 45699 // JVNDB: JVNDB-2011-001024 // CNNVD: CNNVD-201101-129 // NVD: CVE-2010-0214

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2010-0214
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#870601
value: 1.26

Trust: 0.8

NVD: CVE-2010-0214
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201101-129
value: MEDIUM

Trust: 0.6

VULHUB: VHN-42819
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2010-0214
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-42819
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#870601 // VULHUB: VHN-42819 // JVNDB: JVNDB-2011-001024 // CNNVD: CNNVD-201101-129 // NVD: CVE-2010-0214

PROBLEMTYPE DATA

problemtype:CWE-200

Trust: 1.9

sources: VULHUB: VHN-42819 // JVNDB: JVNDB-2011-001024 // NVD: CVE-2010-0214

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201101-129

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201101-129

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-001024

PATCH

title: Steelcase RoomWizard System Download // url: http://steelcase.polyvision.com/support/downloads-roomwiz.asp

Trust: 0.8

title: RWFirmware // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=36140

Trust: 0.6

title: RW10Firmware // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=36139

Trust: 0.6

title: Pre-upgrade // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=36138

Trust: 0.6

sources: JVNDB: JVNDB-2011-001024 // CNNVD: CNNVD-201101-129

EXTERNAL IDS

db: CERT/CC // id: VU#870601

Trust: 3.6

db: NVD // id: CVE-2010-0214

Trust: 2.8

db: BID // id: 45699

Trust: 2.8

db: VUPEN // id: ADV-2011-0059

Trust: 2.5

db: PACKETSTORM // id: 97291

Trust: 1.7

db: XF // id: 64543

Trust: 1.4

db: JVNDB // id: JVNDB-2011-001024

Trust: 0.8

db: CNNVD // id: CNNVD-201101-129

Trust: 0.7

db: FULLDISC // id: 20110106 ROOMWIZARD DEFAULT PASSWORD AND SYNC CONNECTOR CREDENTIAL LEAK [CVE-2010-0214]

Trust: 0.6

db: VULHUB // id: VHN-42819

Trust: 0.1

sources: CERT/CC: VU#870601 // VULHUB: VHN-42819 // BID: 45699 // JVNDB: JVNDB-2011-001024 // CNNVD: CNNVD-201101-129 // NVD: CVE-2010-0214

REFERENCES

url:http://www.kb.cert.org/vuls/id/870601

Trust: 2.8

url:http://www.securityfocus.com/bid/45699

Trust: 2.5

url:http://www.vupen.com/english/advisories/2011/0059

Trust: 2.5

url:http://seclists.org/fulldisclosure/2011/jan/58

Trust: 2.0

url:http://packetstormsecurity.org/files/view/97291/roomwizard-disclose.txt

Trust: 1.7

url:http://xforce.iss.net/xforce/xfdb/64543

Trust: 1.4

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/64543

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0214

Trust: 0.8

url:http://jvn.jp/cert/jvnvu870601

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-0214

Trust: 0.8

url:http://www.interactivemedialink.com.au/products/input-devices/196-roomwizard-room-scheduling-system.html

Trust: 0.3

sources: CERT/CC: VU#870601 // VULHUB: VHN-42819 // BID: 45699 // JVNDB: JVNDB-2011-001024 // CNNVD: CNNVD-201101-129 // NVD: CVE-2010-0214

CREDITS

Sean Lam

Trust: 0.9

sources: BID: 45699 // CNNVD: CNNVD-201101-129

SOURCES

db: CERT/CC // id: VU#870601
db: VULHUB // id: VHN-42819
db: BID // id: 45699
db: JVNDB // id: JVNDB-2011-001024
db: CNNVD // id: CNNVD-201101-129
db: NVD // id: CVE-2010-0214

LAST UPDATE DATE

2025-04-11T23:17:56.164000+00:00


SOURCES UPDATE DATE

db: CERT/CC // id: VU#870601 // date: 2011-01-07T00:00:00
db: VULHUB // id: VHN-42819 // date: 2017-08-17T00:00:00
db: BID // id: 45699 // date: 2015-04-13T21:05:00
db: JVNDB // id: JVNDB-2011-001024 // date: 2011-02-02T00:00:00
db: CNNVD // id: CNNVD-201101-129 // date: 2011-01-13T00:00:00
db: NVD // id: CVE-2010-0214 // date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: CERT/CC // id: VU#870601 // date: 2011-01-07T00:00:00
db: VULHUB // id: VHN-42819 // date: 2011-01-12T00:00:00
db: BID // id: 45699 // date: 2011-01-06T00:00:00
db: JVNDB // id: JVNDB-2011-001024 // date: 2011-02-02T00:00:00
db: CNNVD // id: CNNVD-201101-129 // date: 2011-01-13T00:00:00
db: NVD // id: CVE-2010-0214 // date: 2011-01-12T01:00:01.183