CVE-2014-3285
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cisco Wide Area Application Services (WAAS) 5.3(.5a) and earlier, when SharePoint acceleration is enabled, does not properly parse SharePoint responses, which allows remote attackers to cause a denial of service (application-optimization handler reload) via a crafted SharePoint application, aka Bug ID CSCue47674.
Cisco Wide Area Application Services (WAAS) 5.3(.5a) y anteriores, cuando SharePoint Acceleration está habilitado, no analiza debidamente respuestas SharePoint, lo que permite a atacantes remotos causar una denegación de servicio (reinicio de manejador de optimización de aplicación) a través de una aplicación SharePoint manipulada, también conocido como Bug ID CSCue47674.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-05-07 CVE Reserved
- 2014-05-29 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/67696 | Third Party Advisory | |
| http://www.securitytracker.com/id/1030307 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3285 | 2016-09-07 | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=34395 | 2016-09-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | <= 5.3\(.5a\) Search vendor "Cisco" for product "Wide Area Application Services" and version " <= 5.3\(.5a\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1 Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1a\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1a\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1b\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1b\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1c\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1c\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1d\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1d\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1e\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1e\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.1\(.1f\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.1\(.1f\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.2 Search vendor "Cisco" for product "Wide Area Application Services" and version "5.2" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.2\(.1\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.2\(.1\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.3 Search vendor "Cisco" for product "Wide Area Application Services" and version "5.3" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.3\(.1\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.3\(.1\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.3\(.3\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.3\(.3\)" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Wide Area Application Services Search vendor "Cisco" for product "Wide Area Application Services" | 5.3\(.5\) Search vendor "Cisco" for product "Wide Area Application Services" and version "5.3\(.5\)" | - |
Affected
| ||||||