Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.
References
Link | Resource |
---|---|
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/release/notes/ws501xrn.pdf | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-08-06 11:55
Updated : 2012-08-07 13:02
NVD link : CVE-2012-1348
Mitre link : CVE-2012-1348
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
cisco
- wide_area_application_services