CVE-2010-4303 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2010-4303

CWE

https://cwe.mitre.org/data/definitions/255.html

Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043.

Affected Software

Name	Vendor	Start Version	End Version
Unified_videoconferencing_system_5110_firmware	Cisco	7.0.1.13.3 (including)	7.0.1.13.3 (including)
Unified_videoconferencing_system_5115_firmware	Cisco	7.0.1.13.3 (including)	7.0.1.13.3 (including)

References

http://seclists.org/fulldisclosure/2010/Nov/167
http://www.cisco.com/en/US/products/products_security_response09186a0080b56d0d.html
http://www.trustmatta.com/advisories/MATTA-2010-001.txt
http://seclists.org/fulldisclosure/2010/Nov/167
http://www.cisco.com/en/US/products/products_security_response09186a0080b56d0d.html
http://www.trustmatta.com/advisories/MATTA-2010-001.txt