CVE-2010-4304
22.11.2010, 20:00
The web interface in Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit (MCU) uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack, aka Bug ID CSCti54048.Enginsight
Vendor | Product | Version |
---|---|---|
cisco | unified_videoconferencing_system_5110_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_5115_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_5110 | * |
cisco | unified_videoconferencing_system_5115 | * |
cisco | unified_videoconferencing_system_3515_multipoint_control_unit_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_3522_basic_rate_interface_gateway_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_3527_primary_rate_interface_gateway_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_3545_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_5230_firmware | 7.0.1.13.3 |
cisco | unified_videoconferencing_system_3515_multipoint_control_unit | * |
cisco | unified_videoconferencing_system_3522_basic_rate_interface_gateway | * |
cisco | unified_videoconferencing_system_3527_primary_rate_interface_gateway | * |
cisco | unified_videoconferencing_system_3545 | * |
cisco | unified_videoconferencing_system_5230 | * |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References