CVE-2010-0599

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83505.

Severity	HIGH
CVSS	9.3
EPSS	0.75% EPSS medium
CWE	CWE-255
KEV
Published	15 years ago
Modified	3 weeks ago

Public Affected Products

Product	Advisory	Evidence
Cisco Network Building Mediator Framework	cisco-sa-20100526-mediator	Cisco CSAF · structured affected