Vulnerability Description
Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive information via a brute-force attack on the hash string, aka Bug ID CSCty17279.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wide Area Application Services | 4.4 |
Related Weaknesses (CWE)
References
- http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/release/notes/wVendor Advisory
- http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v501/release/notes/wVendor Advisory
FAQ
What is CVE-2012-1348?
CVE-2012-1348 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Cisco Wide Area Application Services (WAAS) appliances with software 4.4, 5.0, and 5.1 include a one-way hash of a password within output text, which might allow remote attackers to obtain sensitive i...
How severe is CVE-2012-1348?
CVE-2012-1348 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1348?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wide Area Application Services.