CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-1438 – Cisco Wide Area Application Services Software Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-1438
06 May 2021 — A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An attacker could exploit this vulnerability by authenticating to an affected device and issuing a specific set of commands. A successful exploit could allow the attacker to read arbitrary files that... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-waas-infdisc-Twb4EypK • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2017-6730
https://notcve.org/view.php?id=CVE-2017-6730
10 Jul 2017 — A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system, aka Information Disclosure. This vulnerability affects the following products if they are running an affected release of Cisco Wide Area Application Services (WAAS) Software and are configured to use the Central Manager function: Cisco Virtual Wide Area Application Services (vWAAS), Cisco Wide Area Applicati... • http://www.securityfocus.com/bid/99481 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2016-6437
https://notcve.org/view.php?id=CVE-2016-6437
27 Oct 2016 — A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32). • http://www.securityfocus.com/bid/93524 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 0CVE-2015-6421
https://notcve.org/view.php?id=CVE-2015-6421
27 Jan 2016 — cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330. cifs-ao en la funcionalidad de optimización CIFS en dispositivos Cisco Wide Area Application Service (WAAS) y Virtual WAAS (vWAAS) 5.x en versiones anteriores a 5.3.5d y 5.4 y 5.5 en versiones ... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs • CWE-399: Resource Management Errors •