Unrated severityNVD Advisory· Published May 27, 2010· Updated Apr 29, 2026

CVE-2010-0598

Description

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83631.

Affected products

Cisco Systems, Inc./Mediator Framework3 versions
cpe:2.3:a:cisco:mediator_framework:1.5.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:mediator_framework:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:mediator_framework:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:mediator_framework:3.0.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtmlnvdPatch
www.kb.cert.org/vuls/id/757804nvdUS Government Resource
secunia.com/advisories/39904nvd
securitytracker.com/idnvd
www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000