Vulnerability Description
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83505.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Mediator Framework | 1.5.1 |
| Cisco | Network Building Mediator Nbm-2400 | All versions |
| Cisco | Network Building Mediator Nbm-4800 | All versions |
| Cisco | Richards-Zeta Mediator 2500 | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/39904
- http://securitytracker.com/id?1024027
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.sPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/757804US Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building
- http://secunia.com/advisories/39904
- http://securitytracker.com/id?1024027
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.sPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/757804US Government Resource
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building
FAQ
What is CVE-2010-0599?
CVE-2010-0599 is a vulnerability with a CVSS score of 9.3 (HIGH). Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Medi...
How severe is CVE-2010-0599?
CVE-2010-0599 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0599?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Mediator Framework, Cisco Network Building Mediator Nbm-2400, Cisco Network Building Mediator Nbm-4800, Cisco Richards-Zeta Mediator 2500.