CVE-2010-0597

2010-05-2719:30:01

[email protected]

web.nvd.nist.gov

cisco

mediator framework

vulnerability

nbm-2400

nbm-4800

remote authenticated users

xml rpc

xml rpc over https

bug id

csctb83618

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

6.5 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.2%

JSON

Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges or cause a denial of service (device reload), via a (1) XML RPC or (2) XML RPC over HTTPS request, aka Bug ID CSCtb83618.

Affected configurations

NVD

Node

ciscomediator_frameworkMatch1.5.1

ciscomediator_frameworkMatch2.2

ciscomediator_frameworkMatch3.0.8

AND

cisconetwork_building_mediator_nbm-2400

cisconetwork_building_mediator_nbm-4800

ciscorichards-zeta_mediator_2500

CPENameOperatorVersion
cisco:mediator_frameworkcisco mediator frameworkeq1.5.1
cisco:mediator_frameworkcisco mediator frameworkeq2.2
cisco:mediator_frameworkcisco mediator frameworkeq3.0.8

CPE	Name	Operator	Version
cisco:mediator_framework	cisco mediator framework	eq	1.5.1
cisco:mediator_framework	cisco mediator framework	eq	2.2
cisco:mediator_framework	cisco mediator framework	eq	3.0.8