CERTVU:757804Cisco Network Building Mediator products contain multiple vulnerabilities
0.018 Low
EPSS
Percentile
88.2%
Overview
Cisco Network Building Mediator (NBM) products are affected by multiple vulnerabilities that could allow an attacker to gain control of a vulnerable device or to cause a denial of service.
Description
Cisco Network Building Mediator (NBM) products are designed to manage facility energy use. NBM products support automation protocols such as BACnet and Modbus; IT network protocols such as IP, SNMP, SSH, and HTTP/S; and application protocols like XML-RPC and SOAP. NBM products are affected by multiple vulnerabilities, including default administrative credentials, privilege escalation, plaintext transmission of credentials, and unauthenticated access to a file containing credentials. An attacker can exploit these vulnerabilities using several attack vectors over SSH, HTTP/S, and XML-RPC.
Cisco Security Advisory cisco-sa-20100526-mediator notes: “These vulnerabilities affect the legacy Richards-Zeta Mediator 2500 product and Cisco Network Building Mediator NBM-2400 and NBM-4800 models. All Mediator Framework software releases prior to 3.1.1 are affected by all vulnerabilities listed in this security advisory.”
See also ICS-CERT Advisory ICSA-10-147-01.
Impact
These vulnerabilities could allow an unauthenticated, remote attacker to gain complete control over the mediator. An authorized user could gain administrative privileges, and a remote attacker could cause a denial of service.
Solution
As reported in cisco-sa-20100526-mediator, the first fixed releases are 1.5.1.build.14-eng, 2.2.1.dev.1, and 3.0.9.release.1.
Cisco Security Advisory cisco-sa-20100526-mediator and the associated Applied Mitigation Bulletin provide detailed information about workarounds and mitigation techniques, including changing default passwords, disabling unencrypted services, restricting access, and detecting possible attacks.
Vendor Information
757804
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Cisco Systems, Inc. __ Affected
Updated: June 03, 2010
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
Please see the Cisco documents referenced below.
Vendor References
- <http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml>
- <http://www.cisco.com/warp/public/707/cisco-amb-20100526-mediator.shtml>
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- <http://secunia.com/advisories/39904/>
- <http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml>
- <http://www.cisco.com/warp/public/707/cisco-amb-20100526-mediator.shtml>
- <http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdf>
Acknowledgements
Information from Secunia and Cisco was used in this document.
This document was written by Art Manion.
Other Information
| CVE IDs: | CVE-2010-0595, CVE-2010-0596, CVE-2010-0597, CVE-2010-0598, CVE-2010-0599, CVE-2010-0600 |
|---|---|
| Severity Metric: | 2.84 Date Public: |
Related
