PT-2008-2842 · Snom · Snom 320 Sip Phone
Publicado
2008-03-10
·
Atualizado
2018-10-11
·
CVE-2008-1250
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Snom 320 SIP Phone (affected versions not specified)
Description
The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the web interface of the central phone server for the Snom 320 SIP Phone. These vulnerabilities allow remote attackers to perform actions as the phone user. For example, an attacker can insert an address-book entry containing an XSS sequence.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Snom 320 Sip Phone