Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-3285

Published: 29/05/2014 Updated: 07/09/2016
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Cisco

Vulnerability Summary

Cisco Wide Area Application Services (WAAS) 5.3(.5a) and previous versions, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote malicious users to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

cisco wide area application services 5.3\\(.1\\)

cisco wide area application services 5.3

cisco wide area application services 5.2\\(.1\\)

cisco wide area application services 5.2

cisco wide area application services 5.3\\(.5\\)

cisco wide area application services 5.1\\(.1e\\)

cisco wide area application services 5.1\\(.1c\\)

cisco wide area application services

cisco wide area application services 5.3\\(.3\\)

cisco wide area application services 5.1\\(.1f\\)

cisco wide area application services 5.1\\(.1d\\)

cisco wide area application services 5.1\\(.1b\\)

cisco wide area application services 5.1

cisco wide area application services 5.1\\(.1a\\)

cisco wide area application services 5.1\\(.1\\)

Vendor Advisories

Cisco: Cisco Wide Area Application Services Partial Denial of Service Vulnerability
A vulnerability in Cisco Wide Area Application Services (WAAS) software, when configured with the SharePoint acceleration feature, could allow an unauthenticated, remote attacker to cause a reload of the application optimization handler The vulnerability is due to incorrect parsing of SharePoint responses An attacker could exploit this vulnerabi ...

References

CWE-20http://tools.cisco.com/security/center/viewAlert.x?alertId=34395http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3285http://secunia.com/advisories/58806http://www.securityfocus.com/bid/67696http://www.securitytracker.com/id/1030307https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140528-CVE-2014-3285
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook