Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco wide area application services 4.0.1 vulnerabilities and exploits

(subscribe to this query)
NA
CVE-2013-3443
The web service framework in Cisco WAAS Software 4.x and 5.x prior to 5.0.3e, 5.1.x prior to 5.1.1c, and 5.2.x prior to 5.2.1 in a Central Manager (CM) configuration allows remote malicious users to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626.
Cisco Wide Area Application Services 4.0.5Cisco Wide Area Application Services 4.0.7Cisco Wide Area Application Services 4.0.23Cisco Wide Area Application Services 4.0.25Cisco Wide Area Application Services 4.0.1Cisco Wide Area Application Services 4.0.3Cisco Wide Area Application Services 4.0.19Cisco Wide Area Application Services 4.0.21Cisco Wide Area Application Services 4.0.13Cisco Wide Area Application Services 4.0.17Cisco Wide Area Application Services 4.0.9Cisco Wide Area Application Services 4.0.11Cisco Wide Area Application Services 4.0.27Cisco Wide Area Application Services 4.1.1Cisco Wide Area Application Services 4.1.3Cisco Wide Area Application Services 4.1.5Cisco Wide Area Application Services 4.1.7Cisco Wide Area Application Services 4.2.3Cisco Wide Area Application Services 4.2.1Cisco Wide Area Application Services 4.3.5Cisco Wide Area Application Services 4.3.1Cisco Wide Area Application Services 4.3.3
NA
CVE-2013-3444
The web framework in Cisco WAAS Software prior to 4.x and 5.x prior to 5.0.3e, 5.1.x prior to 5.1.1c, and 5.2.x prior to 5.2.1; Cisco ACNS Software 4.x and 5.x prior to 5.5.29.2; Cisco ECDS Software 2.x prior to 2.5.6; Cisco CDS-IS Software 2.x prior to 2.6.3.b50 and 3.1.x prior ...
Cisco Wide Area Application Services 4.1.1Cisco Wide Area Application Services 4.1.3Cisco Wide Area Application Services 4.1.5Cisco Wide Area Application Services 4.1.7Cisco Wide Area Application Services 4.3.5Cisco Wide Area Application Services 4.3.1Cisco Wide Area Application Services 4.3.3Cisco Wide Area Application Services 5.0.3Cisco Wide Area Application Services 5.0.1Cisco Wide Area Application Services 4.2.1Cisco Wide Area Application Services 4.2.3Cisco Wide Area Application Services 4.4.3Cisco Wide Area Application Services 4.4.7Cisco Wide Area Application Services 4.4.5Cisco Wide Area Application Services 4.4.1Cisco Wide Area Application Services 5.1.1Cisco Wide Area Application Services 5.2Cisco Wide Area Application Services 4.0.1Cisco Wide Area Application Services 4.0.3Cisco Wide Area Application Services 4.0.19Cisco Wide Area Application Services 4.0.21Cisco Wide Area Application Services 4.0.9
5.3
CVSSv3
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
4.8
CVSSv3
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
6.5
CVSSv3
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp NtpNtp Ntp 4.2.8Siemens Tim 4r-ie FirmwareSiemens Tim 4r-ie Dnp3 FirmwareFreebsd Freebsd 9.3Freebsd FreebsdFreebsd Freebsd 10.1Freebsd Freebsd 10.2Netapp Clustered Data Ontap -Netapp Oncommand Balance -Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04
6.2
CVSSv3
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.0Ntp Ntp 4.3.1Ntp Ntp 4.3.16Ntp Ntp 4.3.17Ntp Ntp 4.3.18Ntp Ntp 4.3.24Ntp Ntp 4.3.25Ntp Ntp 4.3.31Ntp Ntp 4.3.32Ntp Ntp 4.3.39Ntp Ntp 4.3.4Ntp Ntp 4.3.40Ntp Ntp 4.3.47Ntp Ntp 4.3.48Ntp Ntp 4.3.54Ntp Ntp 4.3.55Ntp Ntp 4.3.62Ntp Ntp 4.3.63Ntp Ntp 4.3.7Ntp Ntp 4.3.70Ntp Ntp 4.3.77Ntp Ntp 4.3.78
4.3
CVSSv3
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2Ntp NtpNtp Ntp 4.3.0Ntp Ntp 4.3.1Ntp Ntp 4.3.16Ntp Ntp 4.3.17Ntp Ntp 4.3.24Ntp Ntp 4.3.25Ntp Ntp 4.3.31Ntp Ntp 4.3.32Ntp Ntp 4.3.39Ntp Ntp 4.3.4Ntp Ntp 4.3.47Ntp Ntp 4.3.48Ntp Ntp 4.3.54Ntp Ntp 4.3.55Ntp Ntp 4.3.61Ntp Ntp 4.3.62Ntp Ntp 4.3.63Ntp Ntp 4.3.7Ntp Ntp 4.3.70Ntp Ntp 4.3.77
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111CVE-2024-32884IDORCVE-2023-1000CVE-2024-33260CVE-2024-3682reflected XSSrace conditionCVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook