CVE-2010-4302

Published: Nov 22, 2010Modified: Apr 29, 2026

4.9

Vector

AV:L/AC:L/Au:N/C:C/I:N/A:N

Exploitability: 3.9 / Impact: 6.9

Source: NVD

Description

/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010.

Affected (4)

Products: Cisco: Unified Videoconferencing System 5110 Firmware, Unified Videoconferencing System 5115 Firmware, Unified Videoconferencing System 5110, Unified Videoconferencing System 5115

Cisco

4 products

Unified Videoconferencing System 5110 Firmware

Unified Videoconferencing System 5115 Firmware

Unified Videoconferencing System 5110

Unified Videoconferencing System 5115

Configuration A

4 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Unified Videoconferencing System 5110 Firmware	Version 7.0.1.13.3
Cisco Unified Videoconferencing System 5115 Firmware	Version 7.0.1.13.3
Cisco Unified Videoconferencing System 5110	All versions
Cisco Unified Videoconferencing System 5115	All versions