Unrated severityNVD Advisory· Published May 27, 2010· Updated Apr 29, 2026

CVE-2010-0599

Description

Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operator workstations, which allows remote attackers to discover Administrator credentials by sniffing the network, aka Bug ID CSCtb83505.

Affected products

Cisco Systems, Inc./Mediator Framework3 versions
cpe:2.3:a:cisco:mediator_framework:1.5.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:cisco:mediator_framework:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:mediator_framework:2.2:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:mediator_framework:3.0.8:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/en/US/products/products_security_advisory09186a0080b2c518.shtmlnvdPatchVendor Advisory
www.kb.cert.org/vuls/id/757804nvdUS Government Resource
secunia.com/advisories/39904nvd
securitytracker.com/idnvd
www.us-cert.gov/control_systems/pdf/ICSA-10-147-01_Cisco_Network_Building_Mediator.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000