9.3
CVE-2010-0598
- EPSS 3.22%
- Veröffentlicht 27.05.2010 19:30:01
- Zuletzt bearbeitet 16.06.2026 23:16:28
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Mediator Framework Version1.5.1
Cisco ≫ Mediator Framework Version2.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.22% | 0.866 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/39904
http://securitytracker.com/id?1024027
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
http://www.kb.cert.org/vuls/id/757804
http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdf