VYPR

Wide Area Application Services

by Cisco Systems, Inc.

CVEs (19)

  • CVE-2015-6421HigJan 27, 2016
    risk 0.49cvss 7.5epss 0.02

    cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted…

  • CVE-2017-6628MedMay 3, 2017
    risk 0.44cvss 6.8epss 0.02

    A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition where the WAN optimization could stop functioning while…

  • CVE-2017-12256MedOct 5, 2017
    risk 0.42cvss 6.5epss 0.01

    A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services (WAAS) Appliances could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition on an affected device. The vulnerability is due to certain file-handling…

  • CVE-2016-6437MedOct 27, 2016
    risk 0.38cvss 5.9epss 0.02

    A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation.…

  • CVE-2017-12267MedOct 5, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an ICA application optimization-related process to restart, resulting in a partial…

  • CVE-2017-12250MedSep 21, 2017
    risk 0.35cvss 5.3epss 0.03

    A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause an HTTP Application Optimization (AO) related process to restart, causing a partial denial of service (DoS) condition. The…

  • CVE-2017-6730MedJul 10, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote attacker to retrieve completed reports from an affected system, aka Information Disclosure. This vulnerability affects the following…

  • CVE-2017-6727MedJul 10, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device due to a process restarting unexpectedly and creating Core…

  • CVE-2017-6721MedJul 4, 2017
    risk 0.35cvss 5.3epss 0.02

    A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause the WAASNET process to restart unexpectedly, causing a denial of service (DoS) condition. More Information:…

  • CVE-2021-1438May 6, 2021
    risk 0.00cvss epss 0.00

    A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to sensitive information on an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a…

  • CVE-2020-3446Aug 26, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS…

  • CVE-2019-1876Jun 20, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication of proxy connection requests.…

  • CVE-2015-0730May 16, 2015
    risk 0.00cvss epss 0.01

    The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) allows remote attackers to cause a denial of service (module reload) via an invalid field in a Negotiate Protocol request, aka Bug ID CSCuo75645.

  • CVE-2014-3285May 29, 2014
    risk 0.00cvss epss 0.03

    Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint…

  • CVE-2014-2196May 26, 2014
    risk 0.00cvss epss 0.02

    Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint servers to execute arbitrary code via a malformed response, aka Bug ID CSCue18479.

  • CVE-2013-3444Aug 1, 2013
    risk 0.00cvss epss 0.04

    The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54;…

  • CVE-2013-3443Aug 1, 2013
    risk 0.00cvss epss 0.06

    The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central Manager (CM) configuration allows remote attackers to execute arbitrary code via a crafted POST request, aka Bug ID CSCuh26626.

  • CVE-2012-1348Aug 6, 2012
    risk 0.00cvss epss 0.01

    Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.

  • CVE-2007-3923Jul 21, 2007
    risk 0.00cvss epss 0.02

    The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of…