Authenticated Command Injection in Cisco WAAS and ACNS Software
CVE-2013-3444

Currently unrated

Key Information:

Vendor

Cisco
Status
Wide Area Application Services
Vendor
CVE Published:
1 August 2013

What is CVE-2013-3444?

The web framework in multiple Cisco content delivery products has a command injection vulnerability. Remote authenticated users can exploit this flaw by appending specially crafted strings to input fields within the graphical user interface, potentially allowing for arbitrary command execution. This vulnerability impacts several versions of Cisco WAAS, ACNS, ECDS, and VDS software, thereby exposing the underlying systems to significant risks. It is crucial for users of these products to apply the appropriate updates and patches to mitigate the vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1028852
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO
http://secunia.com/advisories/54367
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.