#VU7339 Information disclosure in Cisco Wide Area Application Services - CVE-2017-6730


Vulnerability identifier: #VU7339

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-6730

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco Wide Area Application Services
Server applications / Other server solutions

Vendor: Cisco Systems, Inc

Description
The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information.

The weakness exists in the web-based GUI of Cisco Wide Area Application Services (WAAS) Central Manager because the affected software applies role-based access control (RBAC) to URLs incorrectly, leaving the report-download URL outside the protected set. A remote attacker who guesses or brute-forces the ID of a completed report can send a crafted HTTP GET request carrying that ID to an affected system and download any completed report that a WAAS administrator previously scheduled via the Reports Central area of the WAAS Central Manager GUI, without authenticating.

Successful exploitation of the vulnerability results in information disclosure.
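The flaw described above is an access-control failure at the object level: the GUI decides per URL pattern which requests need an administrator role, and the report-download URL is not in that set, so the only thing standing between an unauthenticated client and a report is a guessable ID. The following Python model is an added example, not Cisco code and not part of the original advisory; the paths (`/reports/download?id=N`, `/admin/`, `/reports/schedule`), report IDs, report contents and roles are all constructed for illustration. It contrasts prefix-based RBAC with a deny-by-default, per-object check, and runs an enumeration loop against both.

```python
"""Added example (hypothetical app, constructed data): why URL-prefix RBAC
leaks objects, and how a per-object authorization check closes the hole."""
import re
from dataclasses import dataclass
from typing import Callable, Optional

@dataclass
class Request:
    path: str                 # hypothetical path, e.g. "/reports/download?id=101"
    user: Optional[str]       # None means no session (unauthenticated)
    role: Optional[str]       # "admin", "operator", or None

# Constructed sample report store: report id -> (owner, content)
REPORTS = {
    101: ("admin", "CONFIDENTIAL: WAN optimisation stats, site A"),
    102: ("admin", "CONFIDENTIAL: per-user traffic report"),
    103: ("operator", "Link utilisation summary"),
}

DOWNLOAD_RE = re.compile(r"/reports/download\?id=(\d+)")

# --- Vulnerable pattern: RBAC keyed on URL prefix only ---------------------
ADMIN_PREFIXES = ("/admin/", "/reports/schedule")   # hypothetical protected paths

def vulnerable_authorize(req: Request) -> bool:
    """Only paths under a protected prefix require the admin role.
    Every other path, including the download URL, is served to anyone."""
    if req.path.startswith(ADMIN_PREFIXES):
        return req.role == "admin"
    return True

def vulnerable_download(req: Request) -> Optional[str]:
    if not vulnerable_authorize(req):
        return None
    m = DOWNLOAD_RE.fullmatch(req.path)
    if not m:
        return None
    entry = REPORTS.get(int(m.group(1)))
    return entry[1] if entry else None

# --- Hardened pattern: authenticate, then authorize the specific object ----
def hardened_download(req: Request) -> Optional[str]:
    """Deny by default: require a session, then require that the caller is
    an admin or owns the report before releasing its content."""
    if req.user is None:
        return None
    m = DOWNLOAD_RE.fullmatch(req.path)
    if not m:
        return None
    entry = REPORTS.get(int(m.group(1)))
    if entry is None:
        return None
    owner, content = entry
    if req.role != "admin" and req.user != owner:
        return None
    return content

def enumerate_reports(download: Callable[[Request], Optional[str]],
                      lo: int, hi: int) -> list:
    """Attacker model from the description: an unauthenticated client walks
    the ID space and records which IDs return a report body."""
    found = []
    for report_id in range(lo, hi + 1):
        req = Request(f"/reports/download?id={report_id}", user=None, role=None)
        if download(req) is not None:
            found.append(report_id)
    return found

if __name__ == "__main__":
    print("vulnerable:", enumerate_reports(vulnerable_download, 100, 110))
    print("hardened:  ", enumerate_reports(hardened_download, 100, 110))
```

The point of the contrast is that unguessable IDs alone would not be the fix: the hardened path still checks ownership (or the admin role) on every download, so even a leaked ID yields nothing to a client without the right session. Prefix-based rules are easy to audit for the paths they cover and silent about the ones they miss, which is exactly the gap a brute-force loop like `enumerate_reports` finds.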

Mitigation
The vulnerability is addressed in the following versions:
6.3(0.228), 6.3(0.226), 6.2(3d)8, 5.5(7b)17.



Vulnerable software versions

Cisco Wide Area Application Services: 4.4.7 - 6.2.3


External links
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170705-waas1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

