CVE-2010-0598

Currently unrated

Key Information:

Vendor: Cisco
Status: Mediator Framework
Vendor: CVE Published:; 27 May 2010

Summary

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.

References

http://securitytracker.com/id?1024027

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01...

x_refsource_MISC

Timeline

Vulnerability published
May 27, 2010
Vulnerability Reserved
Feb 10, 2010