Vulnerabilities > Cisco > Wide Area Application Services
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-03 | CVE-2017-6628 | Improper Handling of Exceptional Conditions vulnerability in Cisco Wide Area Application Services 6.2.1/6.2.1A/6.2.3A A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while the process restarts. | 4.3 |
| 2016-10-27 | CVE-2016-6437 | Resource Management Errors vulnerability in Cisco Wide Area Application Services A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. | 7.1 |
| 2016-01-27 | CVE-2015-6421 | Resource Management Errors vulnerability in Cisco Wide Area Application Services cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330. | 7.8 |
| 2015-05-16 | CVE-2015-0730 | Improper Input Validation vulnerability in Cisco Wide Area Application Services 6.0(1) The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) allows remote attackers to cause a denial of service (module reload) via an invalid field in a Negotiate Protocol request, aka Bug ID CSCuo75645. | 5.0 |
| 2014-05-29 | CVE-2014-3285 | Improper Input Validation vulnerability in Cisco Wide Area Application Services Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674. | 5.0 |
| 2014-05-26 | CVE-2014-2196 | Code Injection vulnerability in Cisco Wide Area Application Services 5.1.1 Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint servers to execute arbitrary code via a malformed response, aka Bug ID CSCue18479. | 9.3 |
| 2013-08-01 | CVE-2013-3444 | OS Command Injection vulnerability in Cisco products The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790. | 9.0 |
| 2013-08-01 | CVE-2013-3443 | Improper Input Validation vulnerability in Cisco Wide Area Application Services The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626. | 10.0 |
| 2012-08-06 | CVE-2012-1348 | Information Exposure vulnerability in Cisco Wide Area Application Services 4.4/5.0/5.1 Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279. | 5.0 |
| 2007-07-21 | CVE-2007-3923 | Remote Denial of Service vulnerability in Cisco Wide Area Application Services CIFS The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445. | 7.8 |