Multiple vulnerabilities exist in the Cisco Network Building Mediator (NBM) products. These vulnerabilities also affect the legacy Richards-Zeta Mediator products. This security advisory outlines details of the following vulnerabilities:
- Default credentials
- Privilege escalation
- Unauthorized information interception
- Unauthorized information access
Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of the listed vulnerabilities are available.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20100526-mediator.shtml.