1. Home
  2. CVE Database
  3. CVE-2010-2465
MEDIUM · 5.0

CVE-2010-2465

The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which all...

Vulnerability Description

The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download node logs, photographs of persons, and backup files via unspecified HTTP requests.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
S2SysNetbox2.5
LinearcorpEmerge 50All versions
LinearcorpEmerge 5000All versions
SonitrolEaccessAll versions

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2010-2465?

CVE-2010-2465 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which all...

How severe is CVE-2010-2465?

CVE-2010-2465 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-2465?

Check the references section above for vendor advisories and patch information. Affected products include: S2Sys Netbox, Linearcorp Emerge 50, Linearcorp Emerge 5000, Sonitrol Eaccess.