Vulnslist

find the latest Cisco vulnerabilities

Cisco WAAS Mobile Remote Code Execution Vulnerability

cisco-sa-20131106-waasm · High · Published · Updated

Cisco Wide Area Application Services (WAAS) Mobile contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the Cisco WAAS Mobile server with the privileges of the Microsoft Internet Information Services (IIS) web server. Cisco has released software updates that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-waasm

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that mitigate this vulnerability.

CVEsCVE-2013-5554
Cisco Bug IDsCSCuh69773
CVSS ScoreBase 7.5
Base 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C
Product Names From Source
Cisco Wide Area Application Services (WAAS) Mobile

Related Products

Product CVE Evidence
Cisco Wide Area Application Services Software CVE-2013-5554 Cisco OpenVuln
Cisco Wide Area Application Services Mobile CVE-2013-5554 Cisco OpenVuln
Cisco Wide Area Application Services Appliances CVE-2013-5554 Cisco OpenVuln
Cisco RV Series Routers CVE-2013-5554 Cisco OpenVuln
Cisco Wide Area Application Services (WAAS) Mobile CVE-2013-5554 Cisco OpenVuln
Cisco Wide Area Application Services (WAAS) CVE-2013-5554 Cisco OpenVuln