CVE-2013-3444

The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790.

Severity	HIGH
CVSS	9.0
CWE	CWE-78
KEV
Published	12 years ago
Modified	2 weeks ago

Related Products

Product	Advisory	Evidence
Cisco Wide Area Application Services (WAAS)	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS)	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Videoscape Distribution Suite Service Broker	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Videoscape Distribution Suite Origin Server	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Videoscape Distribution Suite Optimization Engine (VDS-OE)	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Internet Streamer Content Delivery System (CDS-IS)	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Internet Streamer Content Delivery System (CDS)	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Enterprise Content Delivery System (ECDS)	cisco-sa-20130731-cm	Cisco OpenVuln
Cisco Application and Content Networking System (ACNS) Software	cisco-sa-20130731-cm	Cisco OpenVuln
Application and Content Networking System (ACNS) Software	cisco-sa-20130731-cm	Cisco OpenVuln