Lucene search
MitreCVE-2008-1250HistoryMar 10, 2008 - 5:44 p.m.
CVE-2008-1250
2008-03-1017:44:00
CWE-352
mitre
web.nvd.nist.gov
28
cve-2008-1250
csrf
snom 320 sip phone
web interface
xss
security vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
High
EPSS
0.002
Percentile
53.2%
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the central phone server for the Snom 320 SIP Phone allow remote attackers to perform actions as the phone user, as demonstrated by inserting an address-book entry containing an XSS sequence.
Affected configurations
Node
snom320_sip_phone
| Vendor | Product | Version | CPE |
|---|---|---|---|
| snom | 320_sip_phone | * | cpe:2.3:h:snom:320_sip_phone:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-1250
2008-03-10 17:00:00
nvd
nvd
CVE-2008-1250
2008-03-10 17:44:00
prion
prion
Cross site request forgery (csrf)
2008-03-10 17:44:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
High
EPSS
0.002
Percentile
53.2%
Related for CVE-2008-1250