Vulnerabilities > CVE-2010-0597 - Remote Privilege Escalation vulnerability in Cisco Network Building Mediator
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 allows remote authenticated users to read or modify the device configuration, and gain privileges or cause a denial of service (device reload), via a (1) XML RPC or (2) XML RPC over HTTPS request, aka Bug ID CSCtb83618.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 3 | |
Hardware | 3 |
References
- http://secunia.com/advisories/39904
- http://securitytracker.com/id?1024027
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtml
- http://www.kb.cert.org/vuls/id/757804
- http://www.securityfocus.com/bid/40386
- http://www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdf