fkie_cve-2013-3443
Vulnerability from fkie_nvd
Published
2013-08-01 13:32
Modified
2025-04-11 00:51
Severity ?
Summary
The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B8A2CC13-7854-4AC2-8550-5CE56EC47371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "18790F69-C8E4-4562-B327-11C3E3E3C344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "60439F29-ED59-4A64-BA5C-BAD560F8EEF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3773CE5E-D27E-46A0-B2EC-4693747FCFD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A813F07A-0429-4C5F-B821-EDAB74B93072",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "563442F9-81B4-48C7-BF78-4993C870047E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FC96EADC-B910-4E8F-872B-9B418325B8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CAD862F3-EA53-44D6-8646-E8C825CF239D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "826DB554-4F11-4FBD-AA4E-E86C6D100D72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0C914D-633E-47A2-95BB-B95E920E9556",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C1327E35-DE7C-4A3B-8777-D9403EFE754A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "13F3FE7E-4FCA-48C4-83FE-C0087DDAD5B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "F16FE683-E466-4023-8859-B56A3AD12648",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2A08E1E-D4AC-4021-AB43-8166F4EAD9A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:a:*:*:*:*:*:*",
"matchCriteriaId": "093206E6-6D96-441C-A718-36827C2A3750",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:b:*:*:*:*:*:*",
"matchCriteriaId": "839EFA10-529F-441D-87F0-1EDC6F40F731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:c:*:*:*:*:*:*",
"matchCriteriaId": "7F98A53E-DD8C-44E0-B138-B678A499FAD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:d:*:*:*:*:*:*",
"matchCriteriaId": "B3A23B4B-3E6B-43A2-A1C4-D9A11FCC59AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CB41F77E-D6C7-4E8D-8EF3-12451057F3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.3:a:*:*:*:*:*:*",
"matchCriteriaId": "AF1AECDF-4333-4705-97F6-8D0B091B6000",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.3:b:*:*:*:*:*:*",
"matchCriteriaId": "1BF9647A-FDA1-48C2-80FE-430552D61638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:a:*:*:*:*:*:*",
"matchCriteriaId": "7D3E92F6-2FD5-45D1-A273-20C6E9970AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:b:*:*:*:*:*:*",
"matchCriteriaId": "E2D3596A-9E11-450C-807D-406BD0A1A806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:c:*:*:*:*:*:*",
"matchCriteriaId": "B7C9941C-C1EC-4F49-893A-0D3AD7DE76E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:d:*:*:*:*:*:*",
"matchCriteriaId": "A9D0FDCE-1B72-470D-B027-37FB5DCB8647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:e:*:*:*:*:*:*",
"matchCriteriaId": "FE1C168B-65F8-449E-9EC8-6229EEDD3166",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:f:*:*:*:*:*:*",
"matchCriteriaId": "A547E973-DE4B-4A39-A132-6FF9A663E91B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:g:*:*:*:*:*:*",
"matchCriteriaId": "BB483EDF-529B-4C21-9ADB-776430B24921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "14FBC408-7B98-414E-AA8B-B9B644CEA4D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.7:a:*:*:*:*:*:*",
"matchCriteriaId": "B0B1EF08-52EC-4B7E-80EA-A2C98C64D206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.7:b:*:*:*:*:*:*",
"matchCriteriaId": "AC53B795-F475-4306-87DD-D37EB9F19189",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E02CBEA1-34F1-4E21-8329-8BC11AC14C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C42C0832-1061-42DF-8F90-6EE69BD62E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:a:*:*:*:*:*:*",
"matchCriteriaId": "ADF2B1A0-9D42-4E7C-A3E5-0AD35EEFEF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:b:*:*:*:*:*:*",
"matchCriteriaId": "2A0D159D-818B-4E6D-B57F-BEBA9A27C805",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:c:*:*:*:*:*:*",
"matchCriteriaId": "26830D5F-F5EA-4E91-BFAC-31F0D0A1229D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "651AD3E6-06AA-4AAD-802B-748E4FA2376C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D9D6E0A1-AB8D-4F3D-B95B-0584785F75B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4D0FB0B-E392-4535-BCD2-9BF485765B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.5:a:*:*:*:*:*:*",
"matchCriteriaId": "203B4800-18F8-47E2-B6EB-03DB9B31608A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3DEC1811-94D3-4BA3-B10E-07FE916B6022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C954B9A-42A1-4B83-ABFB-69CFE9E8C6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:a:*:*:*:*:*:*",
"matchCriteriaId": "989B17E6-B366-4F38-A7AD-E0A37D1FFBAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:b:*:*:*:*:*:*",
"matchCriteriaId": "9F622C2B-B6C3-48F8-BE2D-BBE3AF388F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:c:*:*:*:*:*:*",
"matchCriteriaId": "2FD954CF-9C7C-4BC1-B847-E15BEA14B7F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8A4612F9-4DFC-489B-83B9-FAA2D49CC740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:a:*:*:*:*:*:*",
"matchCriteriaId": "D7EA263B-CDA5-40BC-88AA-DFAA2C118C93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:b:*:*:*:*:*:*",
"matchCriteriaId": "346EDFB4-2519-4F8D-B260-AD1C476FB6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:c:*:*:*:*:*:*",
"matchCriteriaId": "070C7194-4D9B-4DBD-93A9-1720746875CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:d:*:*:*:*:*:*",
"matchCriteriaId": "93E106B4-3E58-4DDA-A3B1-DCF18CABA42A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "498970B4-AE0A-4B5B-B365-8F8320C7C860",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F0A96DA8-43BF-4D5D-97B5-1599B533FBC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5569334B-C66D-49EE-956E-8A6AD32532DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:a:*:*:*:*:*:*",
"matchCriteriaId": "D4C93313-B465-4530-9B67-782B40678228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:c:*:*:*:*:*:*",
"matchCriteriaId": "EF1DA0E6-3653-4903-B90E-07DDFA90CF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:d:*:*:*:*:*:*",
"matchCriteriaId": "B7473878-7A5A-4532-B268-207EA9A694E3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BB7F3B8-82D6-43CF-A94D-435BE14EE080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.1.1:a:*:*:*:*:*:*",
"matchCriteriaId": "0CE19FB0-0235-4B62-ACFE-50BD8B135E65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.1.1:b:*:*:*:*:*:*",
"matchCriteriaId": "B4087380-469A-4B09-BD1D-7792671E3A99",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "50EAC274-984F-4F3C-A129-E9864CA982B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626."
},
{
"lang": "es",
"value": "El framework web en Cisco WAAS Software anterior a 4.x y 5.x anterior a 5.0.3e, 5.1.x anterior a 5.1.1c, y 5.2.x anterior a 5.2.1 con una configuraci\u00f3n como Central Manager (CM), permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una petici\u00f3n POST manipulada. Aka Bug ID CSCuh26626."
}
],
"id": "CVE-2013-3443",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-01T13:32:30.387",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/95877"
},
{
"source": "psirt@cisco.com",
"url": "http://secunia.com/advisories/54367"
},
{
"source": "psirt@cisco.com",
"url": "http://secunia.com/advisories/54372"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/61542"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id/1028851"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/95877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/61542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86121"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…