One-Way Hash Vulnerability in Cisco WAAS Appliances
CVE-2012-1348

Currently unrated

Key Information:

Vendor: Cisco
Status: Wide Area Application Services
Vendor: CVE Published:; 6 August 2012

Summary

Cisco Wide Area Application Services (WAAS) appliances, specifically versions 4.4, 5.0, and 5.1, contain a vulnerability where a one-way hash of a password is included in output text. This flaw could enable remote attackers to leverage brute-force methods to decode the hashed passwords, thereby gaining unauthorized access to sensitive information. The issue has been documented under Bug ID CSCty17279 and highlights the importance of securing password management practices in network appliances.

References

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/wa...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Aug 6, 2012