Vulnerability Details CVE-2010-0595
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 has a default password for the administrative user account and unspecified other accounts, which makes it easier for remote attackers to obtain privileged access, aka Bug ID CSCtb83495.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 88.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://secunia.com/advisories/39904
- http://securitytracker.com/id?1024027
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
- http://www.kb.cert.org/vuls/id/757804
- http://www.securityfocus.com/bid/40380
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58893
- http://secunia.com/advisories/39904
- http://securitytracker.com/id?1024027
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
- http://www.kb.cert.org/vuls/id/757804
- http://www.securityfocus.com/bid/40380
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/58893
Products affected by CVE-2010-0595
-
cpe:2.3:a:cisco:mediator_framework:1.5.1
-
cpe:2.3:a:cisco:mediator_framework:2.2
-
cpe:2.3:a:cisco:mediator_framework:3.0.8
-
cpe:2.3:h:cisco:network_building_mediator_nbm-2400:*
-
cpe:2.3:h:cisco:network_building_mediator_nbm-4800:*
-
cpe:2.3:h:cisco:richards-zeta_mediator_2500:*