CyberSec.Space Logo
返回 CVE 浏览器

CVE-2010-0599

CRITICAL
9.3
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile31.82th
Published2010年5月27日
Last Modified2026年4月29日

Vulnerability Description

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83505.

Affected Platforms (CPE)

📦
Cisco

Mediator Framework

= 1.5.1
📦
Cisco

Mediator Framework

= 2.2
📦
Cisco

Mediator Framework

= 3.0.8

References & Advisories

🔗 http://secunia.com/advisories/39904
🔗 http://securitytracker.com/id?1024027
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
🔗 http://www.kb.cert.org/vuls/id/757804
🔗 http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdf
🔗 http://secunia.com/advisories/39904
🔗 http://securitytracker.com/id?1024027
🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml

相关漏洞威胁

CVE-2010-059510.0

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Netw...

CVE-2010-060010.0

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Netw...

CVE-2010-05989.3

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Netw...

CVE-2010-05969.0

Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.release.1 on the Cisco Network B...