CVE-2010-0597 — HIGH (9.0) — White Hats Nepal

Vulnerability Description

Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges or cause a denial of service (device reload), via a (1) XML RPC or (2) XML RPC over HTTPS request, aka Bug ID CSCtb83618.

CVSS Score

9.0

HIGH

AV:N/AC:L/Au:S/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Cisco	Mediator Framework	1.5.1
Cisco	Network Building Mediator Nbm-2400	All versions
Cisco	Network Building Mediator Nbm-4800	All versions
Cisco	Richards-Zeta Mediator 2500	All versions

References

FAQ

What is CVE-2010-0597?

CVE-2010-0597 is a vulnerability with a CVSS score of 9.0 (HIGH). Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-48...

How severe is CVE-2010-0597?

CVE-2010-0597 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2010-0597?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Mediator Framework, Cisco Network Building Mediator Nbm-2400, Cisco Network Building Mediator Nbm-4800, Cisco Richards-Zeta Mediator 2500.