Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-4302 | First vendor Publication | 2010-11-22 |
Vendor | Cve | Last vendor Modification | 2010-11-30 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 4.9 | Attack Range | Local |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4302 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-310 | Cryptographic Issues |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Hardware | 1 | |
Hardware | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69448 | Cisco Unified Videoconferencing (UVC) Multiple Products on Linux Multiple Acc... Multiple Cisco Unified Videoconferencing products contain a flaw due to a weak hashing scheme used for the storage of passwords. The issue may allow a local attacker to obtain sensitive information by recovering the cleartext values for these passwords. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2020-05-23 00:26:56 |
|
2016-06-29 00:16:23 |
|
2013-05-10 23:37:18 |
|