Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-0598
HistoryMay 27, 2010 - 7:30 p.m.

CVE-2010-0598

2010-05-2719:30:01
CWE-255
[email protected]
web.nvd.nist.gov
1

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.011

Percentile

84.8%

JSON

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.

Affected configurations

Nvd
Node
ciscomediator_frameworkMatch1.5.1
OR
ciscomediator_frameworkMatch2.2
OR
ciscomediator_frameworkMatch3.0.8
AND
cisconetwork_building_mediator_nbm-2400
OR
cisconetwork_building_mediator_nbm-4800
OR
ciscorichards-zeta_mediator_2500
VendorProductVersionCPE
ciscomediator_framework1.5.1cpe:2.3:a:cisco:mediator_framework:1.5.1:*:*:*:*:*:*:*
ciscomediator_framework2.2cpe:2.3:a:cisco:mediator_framework:2.2:*:*:*:*:*:*:*
ciscomediator_framework3.0.8cpe:2.3:a:cisco:mediator_framework:3.0.8:*:*:*:*:*:*:*
cisconetwork_building_mediator_nbm-2400*cpe:2.3:h:cisco:network_building_mediator_nbm-2400:*:*:*:*:*:*:*:*
cisconetwork_building_mediator_nbm-4800*cpe:2.3:h:cisco:network_building_mediator_nbm-4800:*:*:*:*:*:*:*:*
ciscorichards-zeta_mediator_2500*cpe:2.3:h:cisco:richards-zeta_mediator_2500:*:*:*:*:*:*:*:*

Related

cve 1
prion 1
cvelist 1
securityvulns 2
cert 1
ics 1
cisco 1
cve
cve
CVE-2010-0598
2010-05-27 19:30:01
prion
prion
Design/Logic Flaw
2010-05-27 19:30:00
cvelist
cvelist
CVE-2010-0598
2010-05-27 19:00:00
securityvulns
securityvulns
Cisco Network Building Mediator multiple security vulnerabilities
2010-05-27 00:00:00
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Network Building Mediator
2010-05-27 00:00:00
cert
cert
Cisco Network Building Mediator products contain multiple vulnerabilities
2010-06-03 00:00:00
ics
ics
Cisco Network Building Mediator
2014-09-09 12:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco Network Building Mediator
2010-05-26 16:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.6

Confidence

Low

EPSS

0.011

Percentile

84.8%

JSON
Related for NVD:CVE-2010-0598
cve1prion1cvelist1securityvulns2cert1ics1cisco1