5 results (0.004 seconds)

CVSS: 9.0EPSS: 0%CPEs: 120EXPL: 0

The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790. El framework web en Cisco WAAS Software anterior a 4.x y 5.x anterior a 5.0.3e, 5.1.x anterior a 5.1.1c, y 5.2.x anterior a 5.2.1; Cisco ACNS Software 4.x y 5.x anterior a 5.5.29.2; Cisco ECDS Software 2.x anterior a 2.5.6; Cisco CDS-IS Software 2.x anterior a 2.6.3.b50 y 3.1.x anterior a 3.1.2b54; Cisco VDS-IS Software 3.2.x anterior a 3.2.1.b9; Cisco VDS-SB Software 1.x anterior a 1.1.0-b96; Cisco VDS-OE Software 1.x anterior a 1.0.1; y Cisco VDS-OS Software 1.x en modo central-management, permite a usuarios autenticados remotamente ejecutar comandos arbitrarios añadiendo cadenas con valores modificados en los campos GUI. Aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, y CSCug56790. • http://secunia.com/advisories/54367 http://secunia.com/advisories/54369 http://secunia.com/advisories/54370 http://secunia.com/advisories/54372 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm http://www.securityfocus.com/bid/61543 http://www.securitytracker.com/id/1028852 http://www.securitytracker.com/id/1028853 https://exchange.xforce.ibmcloud.com/vulnerabilities/86122 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 5.0EPSS: 1%CPEs: 53EXPL: 0

The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.kb.cert.org/vuls/id/579240 http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19469 •

CVSS: 5.0EPSS: 0%CPEs: 53EXPL: 0

Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19470 •

CVSS: 7.5EPSS: 5%CPEs: 43EXPL: 0

Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password. Desbordamiento de búfer en el módulo de autenticación de Cisco ACNS 4.x anteriores a 4.2.11, y 5.x anteriores a 5.0.5, permite a atacantes remotos ejecutar código arbitrario mediante una contraseña larga. • http://secunia.com/advisories/10409 http://www.cisco.com/warp/public/707/cisco-sa-20031210-ACNS-auth.shtml http://www.kb.cert.org/vuls/id/352462 http://www.securityfocus.com/bid/9187 https://exchange.xforce.ibmcloud.com/vulnerabilities/13945 •

CVSS: 7.5EPSS: 0%CPEs: 39EXPL: 0

The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP. • http://www.cisco.com/warp/public/707/transparentcache-tcp-relay-vuln-pub.shtml http://www.iss.net/security_center/static/9082.php http://www.securityfocus.com/bid/4751 •