CVE-2010-4305

Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit (MCU) improperly use cookies for web-interface credentials, which allows remote attackers to obtain sensitive information by reading a (1) cleartext or (2) base64-encoded cleartext cookie, aka Bug ID CSCti54052.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:cisco:unified_videoconferencing_system_5115_firmware:7.0.1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_videoconferencing_system_5110_firmware:7.0.1.13.3:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:unified_videoconferencing_system_5115:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_videoconferencing_system_5110:*:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:cisco:unified_videoconferencing_system_3522_basic_rate_interface_gateway_firmware:7.0.1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_videoconferencing_system_3515_multipoint_control_unit_firmware:7.0.1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_videoconferencing_system_5230_firmware:7.0.1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_videoconferencing_system_3545_firmware:7.0.1.13.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_videoconferencing_system_3527_primary_rate_interface_gateway_firmware:7.0.1.13.3:*:*:*:*:*:*:*
OR cpe:2.3:h:cisco:unified_videoconferencing_system_3545:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_videoconferencing_system_3527_primary_rate_interface_gateway:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_videoconferencing_system_3515_multipoint_control_unit:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_videoconferencing_system_5230:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:unified_videoconferencing_system_3522_basic_rate_interface_gateway:*:*:*:*:*:*:*:*

Information

Published : 2010-11-22 12:00

Updated : 2010-11-29 21:00


NVD link : CVE-2010-4305

Mitre link : CVE-2010-4305


JSON object : View

CWE
CWE-310

Cryptographic Issues

Advertisement

dedicated server usa

Products Affected

cisco

  • unified_videoconferencing_system_5230_firmware
  • unified_videoconferencing_system_3527_primary_rate_interface_gateway_firmware
  • unified_videoconferencing_system_5110
  • unified_videoconferencing_system_5110_firmware
  • unified_videoconferencing_system_5230
  • unified_videoconferencing_system_5115
  • unified_videoconferencing_system_3515_multipoint_control_unit_firmware
  • unified_videoconferencing_system_3545_firmware
  • unified_videoconferencing_system_3522_basic_rate_interface_gateway
  • unified_videoconferencing_system_3522_basic_rate_interface_gateway_firmware
  • unified_videoconferencing_system_3527_primary_rate_interface_gateway
  • unified_videoconferencing_system_3515_multipoint_control_unit
  • unified_videoconferencing_system_5115_firmware
  • unified_videoconferencing_system_3545