Vulnerability in Cisco Mediator Framework Affects Network Building Mediators
CVE-2010-0599

Currently unrated

Key Information:

Vendor: Cisco
Status: Mediator Framework
Vendor: CVE Published:; 27 May 2010

Summary

The Cisco Mediator Framework, including specific versions of the Network Building Mediator NBM-2400, NBM-4800 and the Richards-Zeta Mediator 2500, is susceptible to a vulnerability where XML RPC sessions are not properly encrypted. This weakness allows remote attackers to capture sensitive information, specifically administrator credentials, through network sniffing techniques. The lack of encryption in these sessions enables unauthorized users to exploit this oversight, potentially compromising the security of the network infrastructure.

References

http://securitytracker.com/id?1024027

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01...

x_refsource_MISC

Timeline

Vulnerability published
May 27, 2010
Vulnerability Reserved
Feb 10, 2010