{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1028851", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1028851"}, {"name": "54367", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/54367"}, {"name": "20130731 Cisco WAAS Central Manager Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm"}, {"name": "61542", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/61542"}, {"name": "54372", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/54372"}, {"name": "cisco-waas-cve2013443-code-exec(86121)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86121"}, {"name": "95877", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/95877"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2013-3443", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1028851", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1028851"}, {"name": "54367", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54367"}, {"name": "20130731 Cisco WAAS Central Manager Remote Code Execution Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm"}, {"name": "61542", "refsource": "BID", "url": "http://www.securityfocus.com/bid/61542"}, {"name": "54372", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/54372"}, {"name": "cisco-waas-cve2013443-code-exec(86121)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86121"}, {"name": "95877", "refsource": "OSVDB", "url": "http://osvdb.org/95877"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:07:38.000Z"}, "title": "CVE Program Container", "references": [{"name": "1028851", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1028851"}, {"name": "54367", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/54367"}, {"name": "20130731 Cisco WAAS Central Manager Remote Code Execution Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm"}, {"name": "61542", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/61542"}, {"name": "54372", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/54372"}, {"name": "cisco-waas-cve2013443-code-exec(86121)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86121"}, {"name": "95877", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/95877"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2013-3443", "datePublished": "2013-07-31T19:00:00", "dateReserved": "2013-05-06T00:00:00", "dateUpdated": "2024-08-06T16:07:38.000Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8A2CC13-7854-4AC2-8550-5CE56EC47371", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "18790F69-C8E4-4562-B327-11C3E3E3C344", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "60439F29-ED59-4A64-BA5C-BAD560F8EEF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "3773CE5E-D27E-46A0-B2EC-4693747FCFD3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "A813F07A-0429-4C5F-B821-EDAB74B93072", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "563442F9-81B4-48C7-BF78-4993C870047E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "FC96EADC-B910-4E8F-872B-9B418325B8BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "CAD862F3-EA53-44D6-8646-E8C825CF239D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "826DB554-4F11-4FBD-AA4E-E86C6D100D72", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "2A0C914D-633E-47A2-95BB-B95E920E9556", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "C1327E35-DE7C-4A3B-8777-D9403EFE754A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "13F3FE7E-4FCA-48C4-83FE-C0087DDAD5B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "F16FE683-E466-4023-8859-B56A3AD12648", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E2A08E1E-D4AC-4021-AB43-8166F4EAD9A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:a:*:*:*:*:*:*", "matchCriteriaId": "093206E6-6D96-441C-A718-36827C2A3750", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:b:*:*:*:*:*:*", "matchCriteriaId": "839EFA10-529F-441D-87F0-1EDC6F40F731", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:c:*:*:*:*:*:*", "matchCriteriaId": "7F98A53E-DD8C-44E0-B138-B678A499FAD0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.1:d:*:*:*:*:*:*", "matchCriteriaId": "B3A23B4B-3E6B-43A2-A1C4-D9A11FCC59AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "CB41F77E-D6C7-4E8D-8EF3-12451057F3D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.3:a:*:*:*:*:*:*", "matchCriteriaId": "AF1AECDF-4333-4705-97F6-8D0B091B6000", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.3:b:*:*:*:*:*:*", "matchCriteriaId": "1BF9647A-FDA1-48C2-80FE-430552D61638", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:a:*:*:*:*:*:*", "matchCriteriaId": "7D3E92F6-2FD5-45D1-A273-20C6E9970AC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:b:*:*:*:*:*:*", "matchCriteriaId": "E2D3596A-9E11-450C-807D-406BD0A1A806", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:c:*:*:*:*:*:*", "matchCriteriaId": "B7C9941C-C1EC-4F49-893A-0D3AD7DE76E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:d:*:*:*:*:*:*", "matchCriteriaId": "A9D0FDCE-1B72-470D-B027-37FB5DCB8647", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:e:*:*:*:*:*:*", "matchCriteriaId": "FE1C168B-65F8-449E-9EC8-6229EEDD3166", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:f:*:*:*:*:*:*", "matchCriteriaId": "A547E973-DE4B-4A39-A132-6FF9A663E91B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.5:g:*:*:*:*:*:*", "matchCriteriaId": "BB483EDF-529B-4C21-9ADB-776430B24921", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "14FBC408-7B98-414E-AA8B-B9B644CEA4D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.7:a:*:*:*:*:*:*", "matchCriteriaId": "B0B1EF08-52EC-4B7E-80EA-A2C98C64D206", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.1.7:b:*:*:*:*:*:*", "matchCriteriaId": "AC53B795-F475-4306-87DD-D37EB9F19189", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E02CBEA1-34F1-4E21-8329-8BC11AC14C8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C42C0832-1061-42DF-8F90-6EE69BD62E60", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:a:*:*:*:*:*:*", "matchCriteriaId": "ADF2B1A0-9D42-4E7C-A3E5-0AD35EEFEF5D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:b:*:*:*:*:*:*", "matchCriteriaId": "2A0D159D-818B-4E6D-B57F-BEBA9A27C805", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.2.3:c:*:*:*:*:*:*", "matchCriteriaId": "26830D5F-F5EA-4E91-BFAC-31F0D0A1229D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "651AD3E6-06AA-4AAD-802B-748E4FA2376C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "D9D6E0A1-AB8D-4F3D-B95B-0584785F75B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4D0FB0B-E392-4535-BCD2-9BF485765B12", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.3.5:a:*:*:*:*:*:*", "matchCriteriaId": "203B4800-18F8-47E2-B6EB-03DB9B31608A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "3DEC1811-94D3-4BA3-B10E-07FE916B6022", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "1C954B9A-42A1-4B83-ABFB-69CFE9E8C6B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:a:*:*:*:*:*:*", "matchCriteriaId": "989B17E6-B366-4F38-A7AD-E0A37D1FFBAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:b:*:*:*:*:*:*", "matchCriteriaId": "9F622C2B-B6C3-48F8-BE2D-BBE3AF388F97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.3:c:*:*:*:*:*:*", "matchCriteriaId": "2FD954CF-9C7C-4BC1-B847-E15BEA14B7F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "8A4612F9-4DFC-489B-83B9-FAA2D49CC740", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:a:*:*:*:*:*:*", "matchCriteriaId": "D7EA263B-CDA5-40BC-88AA-DFAA2C118C93", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:b:*:*:*:*:*:*", "matchCriteriaId": "346EDFB4-2519-4F8D-B260-AD1C476FB6F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:c:*:*:*:*:*:*", "matchCriteriaId": "070C7194-4D9B-4DBD-93A9-1720746875CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.5:d:*:*:*:*:*:*", "matchCriteriaId": "93E106B4-3E58-4DDA-A3B1-DCF18CABA42A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "498970B4-AE0A-4B5B-B365-8F8320C7C860", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F0A96DA8-43BF-4D5D-97B5-1599B533FBC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "5569334B-C66D-49EE-956E-8A6AD32532DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:a:*:*:*:*:*:*", "matchCriteriaId": "D4C93313-B465-4530-9B67-782B40678228", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:c:*:*:*:*:*:*", "matchCriteriaId": "EF1DA0E6-3653-4903-B90E-07DDFA90CF53", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.0.3:d:*:*:*:*:*:*", "matchCriteriaId": "B7473878-7A5A-4532-B268-207EA9A694E3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "8BB7F3B8-82D6-43CF-A94D-435BE14EE080", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.1.1:a:*:*:*:*:*:*", "matchCriteriaId": "0CE19FB0-0235-4B62-ACFE-50BD8B135E65", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.1.1:b:*:*:*:*:*:*", "matchCriteriaId": "B4087380-469A-4B09-BD1D-7792671E3A99", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "50EAC274-984F-4F3C-A129-E9864CA982B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626."}, {"lang": "es", "value": "El framework web en Cisco WAAS Software anterior a 4.x y 5.x anterior a 5.0.3e, 5.1.x anterior a 5.1.1c, y 5.2.x anterior a 5.2.1 con una configuraci\u00f3n como Central Manager (CM), permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una petici\u00f3n POST manipulada. Aka Bug ID CSCuh26626."}], "id": "CVE-2013-3443", "lastModified": "2017-08-29T01:33:23.450", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-08-01T13:32:30.387", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/95877"}, {"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/54367"}, {"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/54372"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/61542"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1028851"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86121"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}