World-readable permissions on /etc/shadow file in Cisco Unified Videoconferencing (UVC) System 5110 and 5115 (Linux OS)

World-readable permissions on /etc/shadow file in Cisco Unified Videoconferencing (UVC) System 5110 and 5115 (Linux OS)

CVE-2010-4303 · MEDIUM Severity

AV:L/AC:L/AU:N/C:C/I:N/A:N

Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses world-readable permissions for the /etc/shadow file, which allows local users to discover encrypted passwords by reading this file, aka Bug ID CSCti54043.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.