Web Interface Credential Vulnerability in Cisco Unified Videoconferencing Products
CVE-2010-4305

Currently unrated

Key Information:

Vendor

Cisco
Status
Unified Videoconferencing System 5110 Firmware
Unified Videoconferencing System 5115 Firmware
Unified Videoconferencing System 5110
Unified Videoconferencing System 5115
Vendor
CVE Published:
22 November 2010

What is CVE-2010-4305?

The Cisco Unified Videoconferencing System products exhibit a vulnerability that stems from an improper handling of cookies during web interface sessions. This flaw enables remote attackers to access sensitive information through cleartext and base64-encoded cookies. The affected systems include multiple models of the Unified Videoconferencing product line, which could lead to unauthorized disclosure of credentials and a compromise of user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.trustmatta.com/advisories/MATTA-2010-001.txt
x_refsource_MISC
http://www.cisco.com/en/US/products/products_security_res...
vendor-advisoryx_refsource_CISCO
http://seclists.org/fulldisclosure/2010/Nov/167
mailing-listx_refsource_FULLDISC

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.