5 matches found
CVE-2021-1438
A vulnerability in Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute...
Input validation
A vulnerability in the Disk Check Tool disk-check.sh for Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges level 15 to log in to the...
CVE-2018-0352
A vulnerability in the Disk Check Tool disk-check.sh for Cisco Wide Area Application Services WAAS Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges level 15 to log in to the...
Design/Logic Flaw
The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager CM configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626...
CVE-2013-3443
The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager CM configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626...