CVE-2010-4303

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Videoconferencing System 5110 Firmware; Unified Videoconferencing System 5115 Firmware; Unified Videoconferencing System 5110; Unified Videoconferencing System 5115
Vendor: CVE Published:; 22 November 2010

Summary

Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043.

References

http://www.trustmatta.com/advisories/MATTA-2010-001.txt

x_refsource_MISC

http://www.cisco.com/en/US/products/products_security_res...

vendor-advisoryx_refsource_CISCO

http://seclists.org/fulldisclosure/2010/Nov/167

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 22, 2010