ID

VAR-201311-0295


CVE

CVE-2013-5554


TITLE

Cisco Wide Area Application Services Mobile Server Web Management interface directory traversal vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2013-005051

DESCRIPTION

Directory traversal vulnerability in the web-management interface in the server in Cisco Wide Area Application Services (WAAS) Mobile before 3.5.5 allows remote attackers to upload and execute arbitrary files via a crafted POST request, aka Bug ID CSCuh69773. The vendor has confirmed this vulnerability, which is published and tracked as Cisco Bug ID CSCuh69773. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of CAB files uploaded through ReportReceiver. By uploading a crafted CAB file, an attacker is able to add a hostile web page to the web server. Using this, an attacker is able to run arbitrary code as either DefaultAppPool or NetworkService, depending on the operating system version. Failed exploit attempts may result in a denial-of-service condition. The vulnerability stems from the fact that the program does not correctly handle HTTP POST requests.

Trust: 2.61

sources: NVD: CVE-2013-5554 // JVNDB: JVNDB-2013-005051 // ZDI: ZDI-13-276 // BID: 63554 // VULHUB: VHN-65556

AFFECTED PRODUCTS

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.5.3

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.4

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.4.1

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.3.1

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.5.2

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.5.0

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.5.1

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.4.2

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.3.4

Trust: 1.6

vendor: cisco, model: wide area application services mobile, scope: lte, version: 3.5.4

Trust: 1.0

vendor: cisco, model: wide area application services mobile, scope: lt, version: 3.5.5

Trust: 0.8

vendor: cisco, model: waas mobile server, scope: -, version: -

Trust: 0.7

vendor: cisco, model: wide area application services mobile, scope: eq, version: 3.5.4

Trust: 0.6

sources: ZDI: ZDI-13-276 // JVNDB: JVNDB-2013-005051 // CNNVD: CNNVD-201311-096 // NVD: CVE-2013-5554

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-5554
value: HIGH

Trust: 1.0

NVD: CVE-2013-5554
value: HIGH

Trust: 0.8

ZDI: CVE-2013-5554
value: HIGH

Trust: 0.7

CNNVD: CNNVD-201311-096
value: HIGH

Trust: 0.6

VULHUB: VHN-65556
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-5554
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 2.5

VULHUB: VHN-65556
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: ZDI: ZDI-13-276 // VULHUB: VHN-65556 // JVNDB: JVNDB-2013-005051 // CNNVD: CNNVD-201311-096 // NVD: CVE-2013-5554

PROBLEMTYPE DATA

problemtype: CWE-22

Trust: 1.9

sources: VULHUB: VHN-65556 // JVNDB: JVNDB-2013-005051 // NVD: CVE-2013-5554

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201311-096

TYPE

path traversal

Trust: 0.6

sources: CNNVD: CNNVD-201311-096

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005051

PATCH

title: cisco-sa-20131106-waasm, url: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-waasm

Trust: 1.5

title: 31570, url: http://tools.cisco.com/security/center/viewAlert.x?alertId=31570

Trust: 0.8

title: cisco-sa-20131106-waasm, url: http://www.cisco.com/cisco/web/support/JP/112/1120/1120848_cisco-sa-20131106-waasm-j.html

Trust: 0.8

sources: ZDI: ZDI-13-276 // JVNDB: JVNDB-2013-005051

EXTERNAL IDS

db: NVD, id: CVE-2013-5554

Trust: 3.5

db: BID, id: 63554

Trust: 1.0

db: JVNDB, id: JVNDB-2013-005051

Trust: 0.8

db: ZDI_CAN, id: ZDI-CAN-1862

Trust: 0.7

db: ZDI, id: ZDI-13-276

Trust: 0.7

db: CNNVD, id: CNNVD-201311-096

Trust: 0.7

db: CISCO, id: 20131106 CISCO WAAS MOBILE REMOTE CODE EXECUTION VULNERABILITY

Trust: 0.6

db: NSFOCUS, id: 25230

Trust: 0.6

db: VULHUB, id: VHN-65556

Trust: 0.1

sources: ZDI: ZDI-13-276 // VULHUB: VHN-65556 // BID: 63554 // JVNDB: JVNDB-2013-005051 // CNNVD: CNNVD-201311-096 // NVD: CVE-2013-5554

REFERENCES

url: http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20131106-waasm

Trust: 2.4

url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5554

Trust: 0.8

url: http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5554

Trust: 0.8

url: http://www.securityfocus.com/bid/63554

Trust: 0.6

url: http://www.nsfocus.net/vulndb/25230

Trust: 0.6

url: http://www.cisco.com

Trust: 0.3

sources: ZDI: ZDI-13-276 // VULHUB: VHN-65556 // BID: 63554 // JVNDB: JVNDB-2013-005051 // CNNVD: CNNVD-201311-096 // NVD: CVE-2013-5554

CREDITS

Andrea Micalizzi aka rgod

Trust: 0.7

sources: ZDI: ZDI-13-276

SOURCES

db: ZDI, id: ZDI-13-276
db: VULHUB, id: VHN-65556
db: BID, id: 63554
db: JVNDB, id: JVNDB-2013-005051
db: CNNVD, id: CNNVD-201311-096
db: NVD, id: CVE-2013-5554

LAST UPDATE DATE

2025-04-11T23:18:52.935000+00:00


SOURCES UPDATE DATE

db: ZDI, id: ZDI-13-276, date: 2013-12-15T00:00:00
db: VULHUB, id: VHN-65556, date: 2013-11-08T00:00:00
db: BID, id: 63554, date: 2013-12-17T00:18:00
db: JVNDB, id: JVNDB-2013-005051, date: 2013-11-11T00:00:00
db: CNNVD, id: CNNVD-201311-096, date: 2013-12-20T00:00:00
db: NVD, id: CVE-2013-5554, date: 2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db: ZDI, id: ZDI-13-276, date: 2013-12-15T00:00:00
db: VULHUB, id: VHN-65556, date: 2013-11-08T00:00:00
db: BID, id: 63554, date: 2013-11-06T00:00:00
db: JVNDB, id: JVNDB-2013-005051, date: 2013-11-11T00:00:00
db: CNNVD, id: CNNVD-201311-096, date: 2013-11-12T00:00:00
db: NVD, id: CVE-2013-5554, date: 2013-11-08T04:47:23.027