World-readable permissions on /etc/shadow file in Cisco Unified Videoconferencing (UVC) System 5110 and 5115 (Linux OS)
CVE-2010-4303 · MEDIUM Severity
AV:L/AC:L/AU:N/C:C/I:N/A:N
Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.