Lucene search

CiscoCVE-2013-3444

HistoryAug 01, 2013 - 1:32 p.m.

CVE-2013-3444

2013-08-0113:32:30

CWE-78

cisco

web.nvd.nist.gov

cisco

waas

acns

ecds

cds-is

vds-is

vds-sb

vds-oe

vds-os

security vulnerability

remote execution

cve-2013-3444

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.005

Percentile

76.3%

JSON

The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790.

Affected configurations

Nvd

Node

ciscowide_area_application_servicesMatch4.1.1

ciscowide_area_application_servicesMatch4.1.1a

ciscowide_area_application_servicesMatch4.1.1b

ciscowide_area_application_servicesMatch4.1.1c

ciscowide_area_application_servicesMatch4.1.1d

ciscowide_area_application_servicesMatch4.1.3

ciscowide_area_application_servicesMatch4.1.3a

ciscowide_area_application_servicesMatch4.1.3b

ciscowide_area_application_servicesMatch4.1.5a

ciscowide_area_application_servicesMatch4.1.5b

ciscowide_area_application_servicesMatch4.1.5c

ciscowide_area_application_servicesMatch4.1.5d

ciscowide_area_application_servicesMatch4.1.5e

ciscowide_area_application_servicesMatch4.1.5f

ciscowide_area_application_servicesMatch4.1.5g

ciscowide_area_application_servicesMatch4.1.7

ciscowide_area_application_servicesMatch4.1.7a

ciscowide_area_application_servicesMatch4.1.7b

Node

ciscowide_area_application_servicesMatch4.3.1

ciscowide_area_application_servicesMatch4.3.3

ciscowide_area_application_servicesMatch4.3.5

ciscowide_area_application_servicesMatch4.3.5a

Node

ciscowide_area_application_servicesMatch5.0.1

ciscowide_area_application_servicesMatch5.0.3

ciscowide_area_application_servicesMatch5.0.3a

ciscowide_area_application_servicesMatch5.0.3c

ciscowide_area_application_servicesMatch5.0.3d

Node

ciscowide_area_application_servicesMatch4.2.1

ciscowide_area_application_servicesMatch4.2.3

ciscowide_area_application_servicesMatch4.2.3a

ciscowide_area_application_servicesMatch4.2.3b

ciscowide_area_application_servicesMatch4.2.3c

Node

ciscowide_area_application_servicesMatch4.4.1

ciscowide_area_application_servicesMatch4.4.3

ciscowide_area_application_servicesMatch4.4.3a

ciscowide_area_application_servicesMatch4.4.3b

ciscowide_area_application_servicesMatch4.4.3c

ciscowide_area_application_servicesMatch4.4.5

ciscowide_area_application_servicesMatch4.4.5a

ciscowide_area_application_servicesMatch4.4.5b

ciscowide_area_application_servicesMatch4.4.5c

ciscowide_area_application_servicesMatch4.4.5d

ciscowide_area_application_servicesMatch4.4.7

Node

ciscowide_area_application_servicesMatch5.1.1

ciscowide_area_application_servicesMatch5.1.1a

ciscowide_area_application_servicesMatch5.1.1b

Node

ciscowide_area_application_servicesMatch5.2

Node

ciscowide_area_application_servicesMatch4.0.1

ciscowide_area_application_servicesMatch4.0.3

ciscowide_area_application_servicesMatch4.0.5

ciscowide_area_application_servicesMatch4.0.7

ciscowide_area_application_servicesMatch4.0.9

ciscowide_area_application_servicesMatch4.0.11

ciscowide_area_application_servicesMatch4.0.13

ciscowide_area_application_servicesMatch4.0.17

ciscowide_area_application_servicesMatch4.0.19

ciscowide_area_application_servicesMatch4.0.21

ciscowide_area_application_servicesMatch4.0.23

ciscowide_area_application_servicesMatch4.0.25

ciscowide_area_application_servicesMatch4.0.27

Node

ciscoapplication_and_content_networking_system_softwareMatch4.1.3

ciscoapplication_and_content_networking_system_softwareMatch4.2.3

ciscoapplication_and_content_networking_system_softwareMatch4.2.5

ciscoapplication_and_content_networking_system_softwareMatch4.2.7.3

ciscoapplication_and_content_networking_system_softwareMatch4.2.9.3

ciscoapplication_and_content_networking_system_softwareMatch4.2.11.5

ciscoapplication_and_content_networking_system_softwareMatch4.2.13.1

ciscoapplication_and_content_networking_system_softwareMatch5.0

ciscoapplication_and_content_networking_system_softwareMatch5.0.1

ciscoapplication_and_content_networking_system_softwareMatch5.0.3.5

ciscoapplication_and_content_networking_system_softwareMatch5.0.5.9

ciscoapplication_and_content_networking_system_softwareMatch5.0.7.10

ciscoapplication_and_content_networking_system_softwareMatch5.0.9.9

ciscoapplication_and_content_networking_system_softwareMatch5.0.11.6

ciscoapplication_and_content_networking_system_softwareMatch5.0.13.2

ciscoapplication_and_content_networking_system_softwareMatch5.0.15.1

ciscoapplication_and_content_networking_system_softwareMatch5.0.17.6

ciscoapplication_and_content_networking_system_softwareMatch5.1.1.3

ciscoapplication_and_content_networking_system_softwareMatch5.1.3.15

ciscoapplication_and_content_networking_system_softwareMatch5.1.5.2

ciscoapplication_and_content_networking_system_softwareMatch5.1.7.7

ciscoapplication_and_content_networking_system_softwareMatch5.1.9.5

ciscoapplication_and_content_networking_system_softwareMatch5.1.11.6

ciscoapplication_and_content_networking_system_softwareMatch5.1.13.7

ciscoapplication_and_content_networking_system_softwareMatch5.1.15.5

ciscoapplication_and_content_networking_system_softwareMatch5.4

ciscoapplication_and_content_networking_system_softwareMatch5.4.1.10

ciscoapplication_and_content_networking_system_softwareMatch5.4.3.17

ciscoapplication_and_content_networking_system_softwareMatch5.4.5.7

ciscoapplication_and_content_networking_system_softwareMatch5.4.7.3

ciscoapplication_and_content_networking_system_softwareMatch5.5

ciscoapplication_and_content_networking_system_softwareMatch5.5.1.7

ciscoapplication_and_content_networking_system_softwareMatch5.5.3.1

ciscoapplication_and_content_networking_system_softwareMatch5.5.5.4

ciscoapplication_and_content_networking_system_softwareMatch5.5.7.7

ciscoapplication_and_content_networking_system_softwareMatch5.5.9.9

ciscoapplication_and_content_networking_system_softwareMatch5.5.11.2

ciscoapplication_and_content_networking_system_softwareMatch5.5.13.7

ciscoapplication_and_content_networking_system_softwareMatch5.5.15.2

ciscoapplication_and_content_networking_system_softwareMatch5.5.17

ciscoapplication_and_content_networking_system_softwareMatch5.5.19

ciscoapplication_and_content_networking_system_softwareMatch5.5.21

ciscoapplication_and_content_networking_system_softwareMatch5.5.23

ciscoapplication_and_content_networking_system_softwareMatch5.5.25

ciscoapplication_and_content_networking_system_softwareMatch5.5.27

ciscoapplication_and_content_networking_system_softwareMatch5.5.29

ciscoenterprise_content_delivery_network_softwareMatch2.0

ciscoenterprise_content_delivery_network_softwareMatch2.5.3

ciscoenterprise_content_delivery_network_softwareMatch2.5.5

ciscointernet_streamer_content_delivery_systemMatch2.0

ciscointernet_streamer_content_delivery_systemMatch2.6

ciscointernet_streamer_content_delivery_systemMatch3.1

ciscovideoscape_delivery_system_for_internet_streamerMatch1.0.0

ciscovideoscape_delivery_system_for_internet_streamerMatch3.2.0

ciscovideoscape_delivery_system_for_internet_streamerMatch3.2.1

ciscovideoscape_delivery_system_origin_serverMatch1.0

ciscovideoscape_distribution_suite_optimization_engineMatch1.0.0

ciscovideoscape_distribution_suite_service_brokerMatch1.0.0

ciscovideoscape_distribution_suite_service_brokerMatch1.0.1

ciscovideoscape_distribution_suite_service_brokerMatch1.1.0

VendorProductVersionCPE
ciscowide_area_application_services4.1.7cpe:/a:cisco:wide_area_application_services:4.1.7:a::
ciscowide_area_application_services4.1.7cpe:/a:cisco:wide_area_application_services:4.1.7:::
ciscowide_area_application_services4.1.5cpe:/a:cisco:wide_area_application_services:4.1.5:d::
ciscowide_area_application_services4.1.5cpe:/a:cisco:wide_area_application_services:4.1.5:c::
ciscowide_area_application_services4.1.5cpe:/a:cisco:wide_area_application_services:4.1.5:a::
ciscowide_area_application_services4.1.1cpe:/a:cisco:wide_area_application_services:4.1.1:d::
ciscowide_area_application_services4.1.5cpe:/a:cisco:wide_area_application_services:4.1.5:b::
ciscowide_area_application_services4.1.1cpe:/a:cisco:wide_area_application_services:4.1.1:::
ciscowide_area_application_services4.1.5cpe:/a:cisco:wide_area_application_services:4.1.5:f::
ciscowide_area_application_services4.1.5cpe:/a:cisco:wide_area_application_services:4.1.5:e::

Vendor	Product	Version	CPE
cisco	wide_area_application_services	4.1.7	cpe:/a:cisco:wide_area_application_services:4.1.7:a::
cisco	wide_area_application_services	4.1.7	cpe:/a:cisco:wide_area_application_services:4.1.7:::
cisco	wide_area_application_services	4.1.5	cpe:/a:cisco:wide_area_application_services:4.1.5:d::
cisco	wide_area_application_services	4.1.5	cpe:/a:cisco:wide_area_application_services:4.1.5:c::
cisco	wide_area_application_services	4.1.5	cpe:/a:cisco:wide_area_application_services:4.1.5:a::
cisco	wide_area_application_services	4.1.1	cpe:/a:cisco:wide_area_application_services:4.1.1:d::
cisco	wide_area_application_services	4.1.5	cpe:/a:cisco:wide_area_application_services:4.1.5:b::
cisco	wide_area_application_services	4.1.1	cpe:/a:cisco:wide_area_application_services:4.1.1:::
cisco	wide_area_application_services	4.1.5	cpe:/a:cisco:wide_area_application_services:4.1.5:f::
cisco	wide_area_application_services	4.1.5	cpe:/a:cisco:wide_area_application_services:4.1.5:e::

Rows per page:

1-10 of 181

References

secunia.com/advisories/54367

secunia.com/advisories/54369

secunia.com/advisories/54370

secunia.com/advisories/54372

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm

www.securityfocus.com/bid/61543

www.securitytracker.com/id/1028852

www.securitytracker.com/id/1028853

exchange.xforce.ibmcloud.com/vulnerabilities/86122

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

AI Score

7.4

Confidence

Low

EPSS

0.005

Percentile

76.3%

JSON

Related for CVE-2013-3444