CVE-2010-4302

medium

Cisco

CVSS v3 Base Score

4.9

AV:L/AC:L/Au:N/C:C/I:N/A:N

EPSS Score

0.1%

Exploitation probability in 30 days

Top 81% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

None

Availability

None

Published: November 22, 2010 (5651 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010.

CWE

CWE-310

Affected Products

cisco unified videoconferencing system 5110 firmwarecisco unified videoconferencing system 5115 firmwarecisco unified videoconferencing system 5110cisco unified videoconferencing system 5115

References

🔗 seclists.org 🔗 www.cisco.com 🔗 www.trustmatta.com 🔗 seclists.org 🔗 www.cisco.com

CVE-2010-4302

Vulnerability Report

Description

CWE

Affected Products

References