CVE-2013-3444

EPSS 2.64%
Published 01.08.2013 13:32:30
Last modified 11.04.2025 00:51:21
Source psirt@cisco.com
Teams watchlist Login
Open Login

The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790.

Affected products Warnungen 0 Metrics 2 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Wide Area Application Services Version4.1.1

Cisco ≫ Wide Area Application Services Version4.1.1 Updatea

Cisco ≫ Wide Area Application Services Version4.1.1 Updateb

Cisco ≫ Wide Area Application Services Version4.1.1 Updatec

Cisco ≫ Wide Area Application Services Version4.1.1 Updated

Cisco ≫ Wide Area Application Services Version4.1.3

Cisco ≫ Wide Area Application Services Version4.1.3 Updatea

Cisco ≫ Wide Area Application Services Version4.1.3 Updateb

Cisco ≫ Wide Area Application Services Version4.1.5 Updatea

Cisco ≫ Wide Area Application Services Version4.1.5 Updateb

Cisco ≫ Wide Area Application Services Version4.1.5 Updatec

Cisco ≫ Wide Area Application Services Version4.1.5 Updated

Cisco ≫ Wide Area Application Services Version4.1.5 Updatee

Cisco ≫ Wide Area Application Services Version4.1.5 Updatef

Cisco ≫ Wide Area Application Services Version4.1.5 Updateg

Cisco ≫ Wide Area Application Services Version4.1.7

Cisco ≫ Wide Area Application Services Version4.1.7 Updatea

Cisco ≫ Wide Area Application Services Version4.1.7 Updateb

Cisco ≫ Wide Area Application Services Version4.3.1

Cisco ≫ Wide Area Application Services Version4.3.3

Cisco ≫ Wide Area Application Services Version4.3.5

Cisco ≫ Wide Area Application Services Version4.3.5 Updatea

Cisco ≫ Wide Area Application Services Version5.0.1

Cisco ≫ Wide Area Application Services Version5.0.3

Cisco ≫ Wide Area Application Services Version5.0.3 Updatea

Cisco ≫ Wide Area Application Services Version5.0.3 Updatec

Cisco ≫ Wide Area Application Services Version5.0.3 Updated

Cisco ≫ Wide Area Application Services Version4.2.1

Cisco ≫ Wide Area Application Services Version4.2.3

Cisco ≫ Wide Area Application Services Version4.2.3 Updatea

Cisco ≫ Wide Area Application Services Version4.2.3 Updateb

Cisco ≫ Wide Area Application Services Version4.2.3 Updatec

Cisco ≫ Wide Area Application Services Version4.4.1

Cisco ≫ Wide Area Application Services Version4.4.3

Cisco ≫ Wide Area Application Services Version4.4.3 Updatea

Cisco ≫ Wide Area Application Services Version4.4.3 Updateb

Cisco ≫ Wide Area Application Services Version4.4.3 Updatec

Cisco ≫ Wide Area Application Services Version4.4.5

Cisco ≫ Wide Area Application Services Version4.4.5 Updatea

Cisco ≫ Wide Area Application Services Version4.4.5 Updateb

Cisco ≫ Wide Area Application Services Version4.4.5 Updatec

Cisco ≫ Wide Area Application Services Version4.4.5 Updated

Cisco ≫ Wide Area Application Services Version4.4.7

Cisco ≫ Wide Area Application Services Version5.1.1

Cisco ≫ Wide Area Application Services Version5.1.1 Updatea

Cisco ≫ Wide Area Application Services Version5.1.1 Updateb

Cisco ≫ Wide Area Application Services Version5.2

Cisco ≫ Wide Area Application Services Version4.0.1

Cisco ≫ Wide Area Application Services Version4.0.3

Cisco ≫ Wide Area Application Services Version4.0.5

Cisco ≫ Wide Area Application Services Version4.0.7

Cisco ≫ Wide Area Application Services Version4.0.9

Cisco ≫ Wide Area Application Services Version4.0.11

Cisco ≫ Wide Area Application Services Version4.0.13

Cisco ≫ Wide Area Application Services Version4.0.17

Cisco ≫ Wide Area Application Services Version4.0.19

Cisco ≫ Wide Area Application Services Version4.0.21

Cisco ≫ Wide Area Application Services Version4.0.23

Cisco ≫ Wide Area Application Services Version4.0.25

Cisco ≫ Wide Area Application Services Version4.0.27

Cisco ≫ Application And Content Networking System Software Version4.1.3

Cisco ≫ Application And Content Networking System Software Version4.2.3

Cisco ≫ Application And Content Networking System Software Version4.2.5

Cisco ≫ Application And Content Networking System Software Version4.2.7.3

Cisco ≫ Application And Content Networking System Software Version4.2.9.3

Cisco ≫ Application And Content Networking System Software Version4.2.11.5

Cisco ≫ Application And Content Networking System Software Version4.2.13.1

Cisco ≫ Application And Content Networking System Software Version5.0

Cisco ≫ Application And Content Networking System Software Version5.0.1

Cisco ≫ Application And Content Networking System Software Version5.0.3.5

Cisco ≫ Application And Content Networking System Software Version5.0.5.9

Cisco ≫ Application And Content Networking System Software Version5.0.7.10

Cisco ≫ Application And Content Networking System Software Version5.0.9.9

Cisco ≫ Application And Content Networking System Software Version5.0.11.6

Cisco ≫ Application And Content Networking System Software Version5.0.13.2

Cisco ≫ Application And Content Networking System Software Version5.0.15.1

Cisco ≫ Application And Content Networking System Software Version5.0.17.6

Cisco ≫ Application And Content Networking System Software Version5.1.1.3

Cisco ≫ Application And Content Networking System Software Version5.1.3.15

Cisco ≫ Application And Content Networking System Software Version5.1.5.2

Cisco ≫ Application And Content Networking System Software Version5.1.7.7

Cisco ≫ Application And Content Networking System Software Version5.1.9.5

Cisco ≫ Application And Content Networking System Software Version5.1.11.6

Cisco ≫ Application And Content Networking System Software Version5.1.13.7

Cisco ≫ Application And Content Networking System Software Version5.1.15.5

Cisco ≫ Application And Content Networking System Software Version5.4

Cisco ≫ Application And Content Networking System Software Version5.4.1.10

Cisco ≫ Application And Content Networking System Software Version5.4.3.17

Cisco ≫ Application And Content Networking System Software Version5.4.5.7

Cisco ≫ Application And Content Networking System Software Version5.4.7.3

Cisco ≫ Application And Content Networking System Software Version5.5

Cisco ≫ Application And Content Networking System Software Version5.5.1.7

Cisco ≫ Application And Content Networking System Software Version5.5.3.1

Cisco ≫ Application And Content Networking System Software Version5.5.5.4

Cisco ≫ Application And Content Networking System Software Version5.5.7.7

Cisco ≫ Application And Content Networking System Software Version5.5.9.9

Cisco ≫ Application And Content Networking System Software Version5.5.11.2

Cisco ≫ Application And Content Networking System Software Version5.5.13.7

Cisco ≫ Application And Content Networking System Software Version5.5.15.2

Cisco ≫ Application And Content Networking System Software Version5.5.17

Cisco ≫ Application And Content Networking System Software Version5.5.19

Cisco ≫ Application And Content Networking System Software Version5.5.21

Cisco ≫ Application And Content Networking System Software Version5.5.23

Cisco ≫ Application And Content Networking System Software Version5.5.25

Cisco ≫ Application And Content Networking System Software Version5.5.27

Cisco ≫ Application And Content Networking System Software Version5.5.29

Cisco ≫ Enterprise Content Delivery Network Software Version2.0

Cisco ≫ Enterprise Content Delivery Network Software Version2.5.3

Cisco ≫ Enterprise Content Delivery Network Software Version2.5.5

Cisco ≫ Internet Streamer Content Delivery System Version2.0

Cisco ≫ Internet Streamer Content Delivery System Version2.6

Cisco ≫ Internet Streamer Content Delivery System Version3.1

Cisco ≫ Videoscape Delivery System For Internet Streamer Version1.0.0

Cisco ≫ Videoscape Delivery System For Internet Streamer Version3.2.0

Cisco ≫ Videoscape Delivery System For Internet Streamer Version3.2.1

Cisco ≫ Videoscape Delivery System Origin Server Version1.0

Cisco ≫ Videoscape Distribution Suite Optimization Engine Version1.0.0

Cisco ≫ Videoscape Distribution Suite Service Broker Version1.0.0

Cisco ≫ Videoscape Distribution Suite Service Broker Version1.0.1

Cisco ≫ Videoscape Distribution Suite Service Broker Version1.1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.64%	0.843

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9	8	10	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

http://secunia.com/advisories/54367

http://secunia.com/advisories/54372

http://secunia.com/advisories/54369

http://secunia.com/advisories/54370

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm

Vendor Advisory

http://www.securityfocus.com/bid/61543

http://www.securitytracker.com/id/1028852

http://www.securitytracker.com/id/1028853

https://exchange.xforce.ibmcloud.com/vulnerabilities/86122

https://nvd.nist.gov/vuln/detail/CVE-2013-3444

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-3444

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-3444

EUVD