Cisco Wide Area Application Services — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Wide Area Application Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2013-3443 — CVSS 10.0 (critical): The web service framework in Cisco WAAS Software 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1 in a Central…
CVE-2014-2196 — CVSS 9.3 (critical): Cisco Wide Area Application Services (WAAS) 5.1.1 before 5.1.1e, when SharePoint prefetch optimization is enabled, allows remote SharePoint…
CVE-2013-3444 — CVSS 9.0 (critical): The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software…
CVE-2007-3923 — CVSS 7.8 (high): The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE…
CVE-2015-6421 — CVSS 7.5 (high): cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before…
CVE-2017-6628 — CVSS 6.8 (medium): A vulnerability in SMART-SSL Accelerator functionality for Cisco Wide Area Application Services (WAAS) 6.2.1, 6.2.1a, and 6.2.3a could…
CVE-2018-0352 — CVSS 6.7 (medium): A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an…
CVE-2017-12256 — CVSS 6.5 (medium): A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services (WAAS) Appliances could allow an unauthenticated…
CVE-2016-6437 — CVSS 5.9 (medium): A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote…
CVE-2021-1438 — CVSS 5.5 (medium): A vulnerability in Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to gain access to…
CVE-2017-12250 — CVSS 5.3 (medium): A vulnerability in the HTTP web interface for Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker…
CVE-2017-12267 — CVSS 5.3 (medium): A vulnerability in the Independent Computing Architecture (ICA) accelerator feature for the Cisco Wide Area Application Services (WAAS)…
CVE-2017-6721 — CVSS 5.3 (medium): A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area Application Services (WAAS) could allow an…
CVE-2017-6727 — CVSS 5.3 (medium): A vulnerability in the Server Message Block (SMB) protocol of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated…
CVE-2017-6730 — CVSS 5.3 (medium): A vulnerability in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager could allow an unauthenticated, remote…
CVE-2018-0329 — CVSS 5.3 (medium): A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application…
CVE-2014-3285 — CVSS 5.0 (medium): Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse…
CVE-2015-0730 — CVSS 5.0 (medium): The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) allows remote attackers to cause a denial of service (module reload)…
CVE-2012-1348 — CVSS 5.0 (medium): Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output…
CVE-2019-1876 — CVSS 4.0 (medium): A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote…