CVE-2013-3443
Cisco Wide Area Application Services 4.x-5.2.x - Remote Code Execution via Crafted POST Request
Title source: llmDescription
The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1028851
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/54367
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-waascm
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/61542
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/54372
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/86121
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/95877
Scores
EPSS
0.0600
EPSS Percentile
92.5%
Details
CWE
CWE-20
Status
published
Products (25)
cisco/wide_area_application_services
4.0.1
cisco/wide_area_application_services
4.0.3
cisco/wide_area_application_services
4.0.5
cisco/wide_area_application_services
4.0.7
cisco/wide_area_application_services
4.0.9
cisco/wide_area_application_services
4.0.11
cisco/wide_area_application_services
4.0.13
cisco/wide_area_application_services
4.0.17
cisco/wide_area_application_services
4.0.19
cisco/wide_area_application_services
4.0.21
... and 15 more
Published
Aug 01, 2013
Tracked Since
Feb 18, 2026