Vulnerability-Lookup

CVE-2010-2291 (GCVE-0-2010-2291)

Vulnerability from cvelistv5 – Published: 2010-06-15 01:00 – Updated: 2024-08-07 02:25

Summary

Severity

No CVSS data available.

CWE

Assigner

mitre

References

5 references

URL	Tags
http://osvdb.org/65383	vdb-entryx_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/40771	vdb-entryx_refsource_BID
http://secunia.com/advisories/37635	third-party-advisoryx_refsource_SECUNIA
http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35	x_refsource_CONFIRM

Date Public

2010-06-11 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:25:07.670Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "65383",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/65383"
          },
          {
            "name": "snorm-interface-security-bypass(59342)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
          },
          {
            "name": "40771",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/40771"
          },
          {
            "name": "37635",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37635"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-06-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "65383",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/65383"
        },
        {
          "name": "snorm-interface-security-bypass(59342)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
        },
        {
          "name": "40771",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/40771"
        },
        {
          "name": "37635",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37635"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2291",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "65383",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/65383"
            },
            {
              "name": "snorm-interface-security-bypass(59342)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
            },
            {
              "name": "40771",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/40771"
            },
            {
              "name": "37635",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37635"
            },
            {
              "name": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35",
              "refsource": "CONFIRM",
              "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-2291",
    "datePublished": "2010-06-15T01:00:00.000Z",
    "dateReserved": "2010-06-14T00:00:00.000Z",
    "dateUpdated": "2024-08-07T02:25:07.670Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2010-2291",
      "date": "2026-06-07",
      "epss": "0.00104",
      "percentile": "0.27875"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-2291\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2010-06-15T14:04:26.733\",\"lastModified\":\"2026-04-29T01:13:23.040\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en la interfaz web de la version v8 del firmware del tel\u00e9fono VoIP snom antes de la version v8.2.35 permite a atacantes remotos eludir las restricciones y modificar las credenciales de usuario a trav\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":3.3,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.5,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"},{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.0.11:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"962DA062-0496-4138-8F20-7C7825CADA38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.0.12:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"10A80A89-AA35-46F8-A1A9-09A64A717204\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.0.13:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF0E0AB9-9EB6-444A-8593-50F1F0D476F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.1.1:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9F6CCA8-5E2F-439C-A894-6CEBD1FA90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.1.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E86C2E7-1B86-4BD0-A3EF-365AFA555248\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8B1DE9E-3E16-40A9-842D-ADEE46A1936A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D68C5EFF-A46E-4FF3-AEE5-DC7D766AA0C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.2:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"591653A7-4C82-4A17-A254-C3509F4D3286\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.3:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"5126806D-6483-4B61-ACD9-02BFF45C4A02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.4:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"600C017C-937B-40A0-AB0F-60A314DD0EFF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.5:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"5213B3EE-09E0-4A56-9601-68D7FC23036C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.6:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED81D42F-E902-454E-BD3C-2855EA6AB7FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.7:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DEC90C2-004B-4EDD-A121-5A44F504BE34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.8:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C10BE45C-EEE4-4771-B855-1216AD8EE255\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.9:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"B73B1D93-4197-4BD6-B001-F2A96B0396E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.10:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"698BD127-A31A-4E9E-A892-57EB75FA313C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.11:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"39525CB6-E922-49ED-B719-46DD49EDA82B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.16:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"45DE388D-BD41-4C45-BB99-01641097A037\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.17:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CD98D7E-594E-413A-80D1-6C2A13537A3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.18:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"894BDEAE-D3BD-41AA-AFB6-9FED549FF96C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.19:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"603E4729-3FDB-4D4D-8914-4A701008F705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.20:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"E76DC66F-C8E1-45A0-B1C9-D1704450EDD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.21:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EAB15F5-E1A2-45CC-9268-DD31C7272360\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.22:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6F81ABB-CAAE-4C35-8DDB-D4624B599A40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.23:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"2487BAF4-D827-4615-BCDA-7A74305CBA76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.24:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"ECCA1772-113F-4A9B-99DD-E45080266714\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.25:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8B4C928-0179-49E9-9515-AC132BB28DDD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.26:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E80D711-5C13-4EAB-8DCF-F6E564FBA18B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.27:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"C316D4EE-C1FD-4681-98F1-47E7E3EF3EEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.28:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B30B217-EC8D-4277-A8D0-13D3E505CAB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.29:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EBA37D9-8EFA-433A-8935-48EBB51EC4A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.30:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A47A2BE-FD99-4959-A241-5979014EB19F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.31:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC82E25D-273E-4C79-A8C4-07764F29976A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.32:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EAC6925-0449-4BBC-9C34-3F638BA62A0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.33:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E76F9A1-BE49-4D49-97B6-62A44DB9413A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:snom:voip_phone_firmware:8.2.34:beta:*:*:*:*:*:*\",\"matchCriteriaId\":\"31FB7640-E104-456E-B20E-039E2B347408\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/65383\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37635\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/40771\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/59342\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/65383\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/37635\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/40771\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/59342\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2010-2291

Vulnerability from fkie_nvd - Published: 2010-06-15 14:04 - Updated: 2026-04-29 01:13

Severity

Summary

References

URL	Tags
cve@mitre.org	http://osvdb.org/65383
cve@mitre.org	http://secunia.com/advisories/37635	Vendor Advisory
cve@mitre.org	http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35
cve@mitre.org	http://www.securityfocus.com/bid/40771
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/59342
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/65383
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37635	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/40771
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/59342

Impacted products

Vendor	Product	Version
snom	voip_phone_firmware	8.0.11
snom	voip_phone_firmware	8.0.12
snom	voip_phone_firmware	8.0.13
snom	voip_phone_firmware	8.1.1
snom	voip_phone_firmware	8.1.2
snom	voip_phone_firmware	8.1.3
snom	voip_phone_firmware	8.2.1
snom	voip_phone_firmware	8.2.2
snom	voip_phone_firmware	8.2.3
snom	voip_phone_firmware	8.2.4
snom	voip_phone_firmware	8.2.5
snom	voip_phone_firmware	8.2.6
snom	voip_phone_firmware	8.2.7
snom	voip_phone_firmware	8.2.8
snom	voip_phone_firmware	8.2.9
snom	voip_phone_firmware	8.2.10
snom	voip_phone_firmware	8.2.11
snom	voip_phone_firmware	8.2.16
snom	voip_phone_firmware	8.2.17
snom	voip_phone_firmware	8.2.18
snom	voip_phone_firmware	8.2.19
snom	voip_phone_firmware	8.2.20
snom	voip_phone_firmware	8.2.21
snom	voip_phone_firmware	8.2.22
snom	voip_phone_firmware	8.2.23
snom	voip_phone_firmware	8.2.24
snom	voip_phone_firmware	8.2.25
snom	voip_phone_firmware	8.2.26
snom	voip_phone_firmware	8.2.27
snom	voip_phone_firmware	8.2.28
snom	voip_phone_firmware	8.2.29
snom	voip_phone_firmware	8.2.30
snom	voip_phone_firmware	8.2.31
snom	voip_phone_firmware	8.2.32
snom	voip_phone_firmware	8.2.33
snom	voip_phone_firmware	8.2.34

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.0.11:beta:*:*:*:*:*:*",
              "matchCriteriaId": "962DA062-0496-4138-8F20-7C7825CADA38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.0.12:beta:*:*:*:*:*:*",
              "matchCriteriaId": "10A80A89-AA35-46F8-A1A9-09A64A717204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.0.13:beta:*:*:*:*:*:*",
              "matchCriteriaId": "DF0E0AB9-9EB6-444A-8593-50F1F0D476F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.1.1:beta:*:*:*:*:*:*",
              "matchCriteriaId": "C9F6CCA8-5E2F-439C-A894-6CEBD1FA90C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.1.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "3E86C2E7-1B86-4BD0-A3EF-365AFA555248",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8B1DE9E-3E16-40A9-842D-ADEE46A1936A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D68C5EFF-A46E-4FF3-AEE5-DC7D766AA0C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "591653A7-4C82-4A17-A254-C3509F4D3286",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.3:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5126806D-6483-4B61-ACD9-02BFF45C4A02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "600C017C-937B-40A0-AB0F-60A314DD0EFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "5213B3EE-09E0-4A56-9601-68D7FC23036C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.6:beta:*:*:*:*:*:*",
              "matchCriteriaId": "ED81D42F-E902-454E-BD3C-2855EA6AB7FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.7:beta:*:*:*:*:*:*",
              "matchCriteriaId": "3DEC90C2-004B-4EDD-A121-5A44F504BE34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.8:beta:*:*:*:*:*:*",
              "matchCriteriaId": "C10BE45C-EEE4-4771-B855-1216AD8EE255",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.9:beta:*:*:*:*:*:*",
              "matchCriteriaId": "B73B1D93-4197-4BD6-B001-F2A96B0396E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.10:beta:*:*:*:*:*:*",
              "matchCriteriaId": "698BD127-A31A-4E9E-A892-57EB75FA313C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.11:beta:*:*:*:*:*:*",
              "matchCriteriaId": "39525CB6-E922-49ED-B719-46DD49EDA82B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.16:beta:*:*:*:*:*:*",
              "matchCriteriaId": "45DE388D-BD41-4C45-BB99-01641097A037",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.17:beta:*:*:*:*:*:*",
              "matchCriteriaId": "2CD98D7E-594E-413A-80D1-6C2A13537A3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.18:beta:*:*:*:*:*:*",
              "matchCriteriaId": "894BDEAE-D3BD-41AA-AFB6-9FED549FF96C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.19:beta:*:*:*:*:*:*",
              "matchCriteriaId": "603E4729-3FDB-4D4D-8914-4A701008F705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.20:beta:*:*:*:*:*:*",
              "matchCriteriaId": "E76DC66F-C8E1-45A0-B1C9-D1704450EDD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.21:beta:*:*:*:*:*:*",
              "matchCriteriaId": "7EAB15F5-E1A2-45CC-9268-DD31C7272360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.22:beta:*:*:*:*:*:*",
              "matchCriteriaId": "A6F81ABB-CAAE-4C35-8DDB-D4624B599A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.23:beta:*:*:*:*:*:*",
              "matchCriteriaId": "2487BAF4-D827-4615-BCDA-7A74305CBA76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.24:beta:*:*:*:*:*:*",
              "matchCriteriaId": "ECCA1772-113F-4A9B-99DD-E45080266714",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.25:beta:*:*:*:*:*:*",
              "matchCriteriaId": "D8B4C928-0179-49E9-9515-AC132BB28DDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.26:beta:*:*:*:*:*:*",
              "matchCriteriaId": "1E80D711-5C13-4EAB-8DCF-F6E564FBA18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.27:beta:*:*:*:*:*:*",
              "matchCriteriaId": "C316D4EE-C1FD-4681-98F1-47E7E3EF3EEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.28:beta:*:*:*:*:*:*",
              "matchCriteriaId": "2B30B217-EC8D-4277-A8D0-13D3E505CAB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.29:beta:*:*:*:*:*:*",
              "matchCriteriaId": "2EBA37D9-8EFA-433A-8935-48EBB51EC4A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.30:beta:*:*:*:*:*:*",
              "matchCriteriaId": "7A47A2BE-FD99-4959-A241-5979014EB19F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.31:beta:*:*:*:*:*:*",
              "matchCriteriaId": "BC82E25D-273E-4C79-A8C4-07764F29976A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.32:beta:*:*:*:*:*:*",
              "matchCriteriaId": "3EAC6925-0449-4BBC-9C34-3F638BA62A0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.33:beta:*:*:*:*:*:*",
              "matchCriteriaId": "1E76F9A1-BE49-4D49-97B6-62A44DB9413A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:snom:voip_phone_firmware:8.2.34:beta:*:*:*:*:*:*",
              "matchCriteriaId": "31FB7640-E104-456E-B20E-039E2B347408",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la interfaz web de la version v8 del firmware del tel\u00e9fono VoIP snom antes de la version v8.2.35 permite a atacantes remotos eludir las restricciones y modificar las credenciales de usuario a trav\u00e9s de vectores desconocidos. NOTA: algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros."
    }
  ],
  "id": "CVE-2010-2291",
  "lastModified": "2026-04-29T01:13:23.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.5,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-06-15T14:04:26.733",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/65383"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37635"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/40771"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/65383"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/40771"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-WVM8-GHRC-V96M

Vulnerability from github – Published: 2022-05-17 02:07 – Updated: 2022-05-17 02:07

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-2291"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2010-06-15T14:04:00Z",
    "severity": "LOW"
  },
  "details": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information.",
  "id": "GHSA-wvm8-ghrc-v96m",
  "modified": "2022-05-17T02:07:16Z",
  "published": "2022-05-17T02:07:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2291"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/65383"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/37635"
    },
    {
      "type": "WEB",
      "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/40771"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2010-2291

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2010-2291

Aliases

CVE-2010-2291

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-2291",
    "description": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information.",
    "id": "GSD-2010-2291"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-2291"
      ],
      "details": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information.",
      "id": "GSD-2010-2291",
      "modified": "2023-12-13T01:21:31.848452Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-2291",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "65383",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/65383"
          },
          {
            "name": "snorm-interface-security-bypass(59342)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
          },
          {
            "name": "40771",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/40771"
          },
          {
            "name": "37635",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/37635"
          },
          {
            "name": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35",
            "refsource": "CONFIRM",
            "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.33:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.32:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.34:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.27:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.26:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.19:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.18:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.6:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.5:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.1.1:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.0.13:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.31:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.30:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.23:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.22:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.11:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.10:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.9:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.2:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.25:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.24:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.17:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.16:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.4:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.3:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.0.12:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.0.11:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.29:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.28:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.21:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.20:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.8:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.2.7:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.1.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:snom:voip_phone_firmware:8.1.2:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2291"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                },
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "37635",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/37635"
            },
            {
              "name": "40771",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/40771"
            },
            {
              "name": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
            },
            {
              "name": "65383",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/65383"
            },
            {
              "name": "snorm-interface-security-bypass(59342)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 6.5,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-08-17T01:32Z",
      "publishedDate": "2010-06-15T14:04Z"
    }
  }
}

VAR-201006-0362

Vulnerability from variot - Updated: 2025-04-11 23:04

Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NOTE: some of these details are obtained from third party information. Attackers can exploit this issue to bypass certain security restrictions and edit user credentials. snom VoIP phone firmware versions prior to 8.2.35 are vulnerable. ----------------------------------------------------------------------

Secunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management

Free webinars

http://secunia.com/vulnerability_scanning/corporate/webinars/

TITLE: Snom VoIP Phone Firmware User Interface Security Bypass

SECUNIA ADVISORY ID: SA37635

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/37635/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=37635

RELEASE DATE: 2010-06-11

DISCUSS ADVISORY: http://secunia.com/advisories/37635/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/37635/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=37635

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: A vulnerability has been reported in Snom VoIP Phone Firmware, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is reported in 8.2 releases prior to 8.2.35.

SOLUTION: Update to version 8.2.35.

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201006-0362",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.2.3"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.1.1"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.2.2"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.2.4"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.2.1"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.0.12"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.1.2"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.0.13"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.0.11"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "snom",
        "version": "8.1.3"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.7"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.10"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.29"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.28"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.6"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.9"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.11"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.17"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.23"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.26"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.16"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.8"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.25"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.34"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.20"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.33"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.31"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.30"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.21"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.5"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.18"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.19"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.22"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.27"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.32"
      },
      {
        "model": "voip phone",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "snom",
        "version": "8.2.24"
      },
      {
        "model": "voip phone",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "snom",
        "version": "8.2.35   8"
      },
      {
        "model": "technology voip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "snom",
        "version": "8.2.34"
      },
      {
        "model": "technology voip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "snom",
        "version": "8.2.33"
      },
      {
        "model": "technology voip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "snom",
        "version": "8.2.32"
      },
      {
        "model": "technology voip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "snom",
        "version": "8.2.31"
      },
      {
        "model": "technology voip phone",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "snom",
        "version": "8.2.30"
      },
      {
        "model": "technology voip phone",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "snom",
        "version": "8.2.35"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "40771"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:snom:voip_phone_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "snom",
    "sources": [
      {
        "db": "BID",
        "id": "40771"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2010-2291",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "CVE-2010-2291",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 1.8,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 6.5,
            "id": "VHN-44896",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:A/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-2291",
            "trust": 1.0,
            "value": "LOW"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-2291",
            "trust": 0.8,
            "value": "Low"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201006-251",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-44896",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors.  NOTE: some of these details are obtained from third party information. \nAttackers can exploit this issue to bypass certain security restrictions and edit user credentials. \nsnom VoIP phone firmware versions prior to 8.2.35 are vulnerable. ----------------------------------------------------------------------\n\n\nSecunia CSI integrated with Microsoft WSUS and Microsoft SCCM for 3rd party Patch Management\n\nFree webinars\n\nhttp://secunia.com/vulnerability_scanning/corporate/webinars/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nSnom VoIP Phone Firmware User Interface Security Bypass\n\nSECUNIA ADVISORY ID:\nSA37635\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/37635/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=37635\n\nRELEASE DATE:\n2010-06-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/37635/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/37635/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=37635\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Snom VoIP Phone Firmware, which\ncan be exploited by malicious people to bypass certain security\nrestrictions. \n\nThe vulnerability is reported in 8.2 releases prior to 8.2.35. \n\nSOLUTION:\nUpdate to version 8.2.35. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "BID",
        "id": "40771"
      },
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "db": "PACKETSTORM",
        "id": "90499"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-2291",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "40771",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "37635",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "65383",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "59342",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-44896",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "90499",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "db": "BID",
        "id": "40771"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "PACKETSTORM",
        "id": "90499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "id": "VAR-201006-0362",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2025-04-11T23:04:25.518000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "8.2.35",
        "trust": 0.8,
        "url": "http://wiki.snom.com/Firmware/V8/Release_Notes/8.2.35"
      },
      {
        "title": "Wireshark 1.2.9",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=3691"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      },
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://wiki.snom.com/firmware/v8/release_notes/8.2.35"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/40771"
      },
      {
        "trust": 1.7,
        "url": "http://osvdb.org/65383"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/37635"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59342"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2291"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-2291"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/59342"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/37635/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/webinars/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=37635"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/37635/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "db": "BID",
        "id": "40771"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "PACKETSTORM",
        "id": "90499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "db": "BID",
        "id": "40771"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "db": "PACKETSTORM",
        "id": "90499"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-06-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "date": "2010-06-09T00:00:00",
        "db": "BID",
        "id": "40771"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "date": "2010-06-11T13:54:45",
        "db": "PACKETSTORM",
        "id": "90499"
      },
      {
        "date": "2010-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "date": "2010-06-15T14:04:26.733000",
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-44896"
      },
      {
        "date": "2015-04-13T21:02:00",
        "db": "BID",
        "id": "40771"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      },
      {
        "date": "2010-06-18T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      },
      {
        "date": "2025-04-11T00:51:21.963000",
        "db": "NVD",
        "id": "CVE-2010-2291"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "specific network environment",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "snom VoIP Phone of  Web Vulnerability that circumvents interface restrictions",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2010-005529"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201006-251"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2010-2291 (GCVE-0-2010-2291)

FKIE_CVE-2010-2291

GHSA-WVM8-GHRC-V96M

GSD-2010-2291

VAR-201006-0362

Tags

Sightings

Nomenclature