CVE Vulnerabilities

CVE-2010-0598

Published: May 27, 2010 | Modified: Jun 13, 2010
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.

Affected Software

Name Vendor Start Version End Version
Mediator_framework Cisco 1.5.1 1.5.1
Mediator_framework Cisco 2.2 2.2
Mediator_framework Cisco 3.0.8 3.0.8

References