Vulnerability Description
Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Wide Area Application Services | <= 5.3\(.5a\) |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/58806Permissions Required
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3285Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34395Vendor Advisory
- http://www.securityfocus.com/bid/67696Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1030307Third Party AdvisoryVDB Entry
- http://secunia.com/advisories/58806Permissions Required
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3285Vendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=34395Vendor Advisory
- http://www.securityfocus.com/bid/67696Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1030307Third Party AdvisoryVDB Entry
FAQ
What is CVE-2014-3285?
CVE-2014-3285 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial...
How severe is CVE-2014-3285?
CVE-2014-3285 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3285?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Wide Area Application Services.