CVE-2010-0598

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.

Data: Cisco advisories 1 day ago · Cisco CSAF 4 hours ago · NVD CVEs 7 hours ago · NVD CPEs 1 day ago · CISA KEV 1 day ago · EPSS 1 day ago

Severity	HIGH
CVSS	9.3
EPSS	0.75% EPSS medium
CWE	CWE-255
KEV
Published	15 years ago
Modified	3 weeks ago

Products with public affected evidence

Product	Advisory	Affected evidence
Cisco Network Building Mediator Framework	cisco-sa-20100526-mediator	structured affected CSAF product_status