6 results (0.003 seconds)

CVSS: 9.0EPSS: 0%CPEs: 120EXPL: 0

The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790. El framework web en Cisco WAAS Software anterior a 4.x y 5.x anterior a 5.0.3e, 5.1.x anterior a 5.1.1c, y 5.2.x anterior a 5.2.1; Cisco ACNS Software 4.x y 5.x anterior a 5.5.29.2; Cisco ECDS Software 2.x anterior a 2.5.6; Cisco CDS-IS Software 2.x anterior a 2.6.3.b50 y 3.1.x anterior a 3.1.2b54; Cisco VDS-IS Software 3.2.x anterior a 3.2.1.b9; Cisco VDS-SB Software 1.x anterior a 1.1.0-b96; Cisco VDS-OE Software 1.x anterior a 1.0.1; y Cisco VDS-OS Software 1.x en modo central-management, permite a usuarios autenticados remotamente ejecutar comandos arbitrarios añadiendo cadenas con valores modificados en los campos GUI. Aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, y CSCug56790. • http://secunia.com/advisories/54367 http://secunia.com/advisories/54369 http://secunia.com/advisories/54370 http://secunia.com/advisories/54372 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm http://www.securityfocus.com/bid/61543 http://www.securitytracker.com/id/1028852 http://www.securitytracker.com/id/1028853 https://exchange.xforce.ibmcloud.com/vulnerabilities/86122 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0

Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, or 5.1 before 5.1.11.6 allow remote attackers to cause a denial of service (CPU consumption) via malformed IP packets. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19468 •

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19471 •

CVSS: 5.0EPSS: 1%CPEs: 53EXPL: 0

The RealServer RealSubscriber on Cisco devices running Application and Content Networking System (ACNS) 5.1 allow remote attackers to cause a denial of service (CPU consumption) via malformed packets. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.kb.cert.org/vuls/id/579240 http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19469 •

CVSS: 5.0EPSS: 0%CPEs: 53EXPL: 0

Cisco devices running Application and Content Networking System (ACNS) 5.0, 5.1 before 5.1.13.7, or 5.2 before 5.2.3.9 allow remote attackers to cause a denial of service (bandwidth consumption) via "crafted IP packets" that are continuously forwarded. • http://secunia.com/advisories/14395 http://www.cisco.com/warp/public/707/cisco-sa-20050224-acnsdos.shtml http://www.securityfocus.com/bid/12648 https://exchange.xforce.ibmcloud.com/vulnerabilities/19470 •