Security Advisory

CVE-2010-0214

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2011-01-12 00:00:00

Last updated 2024-08-07 00:37:54

Assigner certcc

State PUBLISHED

Description

The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.

← Browse all CVEs View on cve.org ↗