Details of VAR-201101-0116

ID

VAR-201101-0116

CVE

CVE-2011-0423

TITLE

PolyVision RoomWizard insecurely stores Sync Connector Active Directory credentials and uses default administrative password

Trust: 0.8

sources: CERT/CC: VU#870601

DESCRIPTION

The PolyVision RoomWizard with firmware 3.2.3 has a default password of roomwizard for the administrator account, which makes it easier for remote attackers to obtain console access via an HTTP session, a different vulnerability than CVE-2010-0214. The PolyVision RoomWizard web based scheduling system with touch screen display contains two vulnerabilities that allow an unauthorized user to access the device console and Sync Connector Active Directory credentials. RoomWizard is prone to a security-bypass vulnerability and an information-disclosure vulnerability. Successful exploiting these issues allow attackers to gain access to the application; other attacks may also be possible

Trust: 2.7

sources: NVD: CVE-2011-0423 // CERT/CC: VU#870601 // JVNDB: JVNDB-2011-004107 // BID: 45699 // VULHUB: VHN-48368

AFFECTED PRODUCTS

vendor:	polyvision	model:	roomwizard	scope:	eq	version:	3.2.3	Trust: 2.4
vendor:	polyvision	model:	roomwizard	scope:	eq	version:	*	Trust: 1.0
vendor:	polyvision	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	polyvision	model:	roomwizard	scope:	-	version:	-	Trust: 0.8
vendor:	interactive	model:	media link roomwizard	scope:	eq	version:	0	Trust: 0.3

sources: CERT/CC: VU#870601 // BID: 45699 // JVNDB: JVNDB-2011-004107 // CNNVD: CNNVD-201101-122 // NVD: CVE-2011-0423

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-0423
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#870601
value:	1.26
Trust: 0.8
NVD:	CVE-2011-0423
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201101-122
value:	HIGH
Trust: 0.6
VULHUB:	VHN-48368
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-0423
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-48368
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#870601 // VULHUB: VHN-48368 // JVNDB: JVNDB-2011-004107 // CNNVD: CNNVD-201101-122 // NVD: CVE-2011-0423

PROBLEMTYPE DATA

problemtype:

CWE-255

Trust: 1.9

sources: VULHUB: VHN-48368 // JVNDB: JVNDB-2011-004107 // NVD: CVE-2011-0423

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201101-122

TYPE

trust management

Trust: 0.6

sources: CNNVD: CNNVD-201101-122

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-004107

PATCH

title:

Top Page

url:

http://www.polyvision.com/

Trust: 0.8

sources: JVNDB: JVNDB-2011-004107

EXTERNAL IDS

db:	CERT/CC	id:	VU#870601	Trust: 3.6
db:	NVD	id:	CVE-2011-0423	Trust: 2.8
db:	BID	id:	45699	Trust: 2.0
db:	VUPEN	id:	ADV-2011-0059	Trust: 1.7
db:	PACKETSTORM	id:	97291	Trust: 1.7
db:	OSVDB	id:	70388	Trust: 1.1
db:	JVNDB	id:	JVNDB-2011-004107	Trust: 0.8
db:	CNNVD	id:	CNNVD-201101-122	Trust: 0.7
db:	FULLDISC	id:	20110106 ROOMWIZARD DEFAULT PASSWORD AND SYNC CONNECTOR CREDENTIAL LEAK [CVE-2010-0214]	Trust: 0.6
db:	XF	id:	64543	Trust: 0.6
db:	VULHUB	id:	VHN-48368	Trust: 0.1

sources: CERT/CC: VU#870601 // VULHUB: VHN-48368 // BID: 45699 // JVNDB: JVNDB-2011-004107 // CNNVD: CNNVD-201101-122 // NVD: CVE-2011-0423

REFERENCES

url:	http://www.kb.cert.org/vuls/id/870601	Trust: 2.8
url:	http://seclists.org/fulldisclosure/2011/jan/58	Trust: 2.0
url:	http://www.securityfocus.com/bid/45699	Trust: 1.7
url:	http://packetstormsecurity.org/files/view/97291/roomwizard-disclose.txt	Trust: 1.7
url:	http://www.vupen.com/english/advisories/2011/0059	Trust: 1.7
url:	http://osvdb.org/70388	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/64642	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/64543	Trust: 1.1
url:	about vulnerability notes	Trust: 0.8
url:	contact us about this vulnerability	Trust: 0.8
url:	provide a vendor statement	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0423	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0423	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/64543	Trust: 0.6
url:	http://www.interactivemedialink.com.au/products/input-devices/196-roomwizard-room-scheduling-system.html	Trust: 0.3

sources: CERT/CC: VU#870601 // VULHUB: VHN-48368 // BID: 45699 // JVNDB: JVNDB-2011-004107 // CNNVD: CNNVD-201101-122 // NVD: CVE-2011-0423

CREDITS

Sean Lam

Trust: 0.9

sources: BID: 45699 // CNNVD: CNNVD-201101-122

SOURCES

db:	CERT/CC	id:	VU#870601
db:	VULHUB	id:	VHN-48368
db:	BID	id:	45699
db:	JVNDB	id:	JVNDB-2011-004107
db:	CNNVD	id:	CNNVD-201101-122
db:	NVD	id:	CVE-2011-0423

LAST UPDATE DATE

2025-04-11T23:17:56.667000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#870601	date:	2011-01-07T00:00:00
db:	VULHUB	id:	VHN-48368	date:	2017-08-17T00:00:00
db:	BID	id:	45699	date:	2015-04-13T21:05:00
db:	JVNDB	id:	JVNDB-2011-004107	date:	2012-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201101-122	date:	2011-01-13T00:00:00
db:	NVD	id:	CVE-2011-0423	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#870601	date:	2011-01-07T00:00:00
db:	VULHUB	id:	VHN-48368	date:	2011-01-12T00:00:00
db:	BID	id:	45699	date:	2011-01-06T00:00:00
db:	JVNDB	id:	JVNDB-2011-004107	date:	2012-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201101-122	date:	2011-01-13T00:00:00
db:	NVD	id:	CVE-2011-0423	date:	2011-01-12T01:00:02.353