CVE-2010-4302
Last modified
CVE-2010-4302 is a vulnerability of currently unknown severity. /opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010.. EPSS estimates a 0.35% chance of exploitation in the next 30 days.
Description
/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Videoconferencing System 5110 Firmware | 7.0.1.13.3 |
| Cisco | Unified Videoconferencing System 5115 Firmware | 7.0.1.13.3 |
| Cisco | Unified Videoconferencing System 5110 | All versions |
| Cisco | Unified Videoconferencing System 5115 | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-4302?
How severe is CVE-2010-4302?
How do I fix CVE-2010-4302?
Are you affected by CVE-2010-4302?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST