exploitDog

CVE-2012-1348

Опубликовано: 06 авг. 2012

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.

Ссылки

http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/release/notes/ws501xrn.pdf
Vendor Advisory
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/release/notes/ws501xrn.pdf
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:wide_area_application_services:4.4:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-4r8w-vcjg-cxx6

github

больше 3 лет назад

Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.

EPSS

Процентиль: 48%

0.0025

Низкий

5 Medium

CVSS2

Дефекты

CWE-200