CVE-2010-0214

Name: CVE-2010-0214
Creator: NVD / NIST
Published: 2011-01-12T01:00:01.183+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.92%

Last modified Jun 16, 2026

CVE-2010-0214 is a vulnerability of currently unknown severity. The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.. EPSS estimates a 1.92% chance of exploitation in the next 30 days.

Description

The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.

Metrics

EPSS Probability

1.92%

77.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-200

Affected Software

Vendor	Product	Versions
Polyvision	Roomwizard Firmware	3.2.3
Polyvision	Roomwizard	All versions

References

http://packetstormsecurity.org/files/view/97291/roomwizard-disclose.txtExploit
http://seclists.org/fulldisclosure/2011/Jan/58Exploit
http://www.kb.cert.org/vuls/id/870601US Government Resource
http://www.securityfocus.com/bid/45699
http://www.vupen.com/english/advisories/2011/0059Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64543
http://packetstormsecurity.org/files/view/97291/roomwizard-disclose.txtExploit
http://seclists.org/fulldisclosure/2011/Jan/58Exploit
http://www.kb.cert.org/vuls/id/870601US Government Resource
http://www.securityfocus.com/bid/45699
http://www.vupen.com/english/advisories/2011/0059Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/64543

Timeline

Published: Jan 12, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2010-0214?

How severe is CVE-2010-0214?

Severity scoring for CVE-2010-0214 is pending analysis. The EPSS model estimates a 1.92% probability of exploitation in the next 30 days.

How do I fix CVE-2010-0214?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-0214?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST