CVE-2010-0599
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD
Description
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83505.
Affected (3)
Products: Cisco: Mediator Framework
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.5.1 |
| Running on/with | Platform Versions |
|---|---|
Cisco Network Building Mediator Nbm 2400 | All versions |
Cisco Network Building Mediator Nbm 4800 | All versions |
Cisco Richards Zeta Mediator 2500 | All versions |
Related CWEs
References (10)
Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
PatchVendor Advisory
Source: psirt@cisco.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.