CVE-2013-3443

Sažetak

The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626.

Reference

http://osvdb.org/95877
http://secunia.com/advisories/54367
http://secunia.com/advisories/54372
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm
http://www.securityfocus.com/bid/61542
http://www.securitytracker.com/id/1028851
https://exchange.xforce.ibmcloud.com/vulnerabilities/86121

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:33

Objavljeno

01-08-2013 - 13:32