Vulnerability Description
The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wide Area Application Engine | All versions |
| Cisco | Wide Area Application Engine Nm-Wae-502 | All versions |
| Cisco | Wide Area Application Services | 4.0.7 |
References
- http://secunia.com/advisories/26122PatchVendor Advisory
- http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtmlPatch
- http://www.osvdb.org/36120
- http://www.securityfocus.com/bid/24956Patch
- http://www.securitytracker.com/id?1018416Patch
- http://www.vupen.com/english/advisories/2007/2572
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35477
- http://secunia.com/advisories/26122PatchVendor Advisory
- http://www.cisco.com/warp/public/707/cisco-sa-20070718-waas.shtmlPatch
- http://www.osvdb.org/36120
- http://www.securityfocus.com/bid/24956Patch
- http://www.securitytracker.com/id?1018416Patch
- http://www.vupen.com/english/advisories/2007/2572
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35477
FAQ
What is CVE-2007-3923?
CVE-2007-3923 is a vulnerability with a CVSS score of 7.8 (HIGH). The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services...
How severe is CVE-2007-3923?
CVE-2007-3923 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3923?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wide Area Application Engine, Cisco Wide Area Application Engine Nm-Wae-502, Cisco Wide Area Application Services.