Design/Logic Flaw

2012-08-0618:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

55.9%

JSON

Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.

CPENameOperatorVersion
wide_area_application_serviceseq4.4
wide_area_application_serviceseq5.1
wide_area_application_serviceseq5.0

Name	Operator	Version
wide_area_application_services	eq	4.4
wide_area_application_services	eq	5.1
wide_area_application_services	eq	5.0

References

www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/release/notes/ws501xrn.pdf