- Description
- The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Services are configured, allows remote attackers to cause a denial of service (loss of service) via a flood of TCP SYN packets to port (1) 139 or (2) 445.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:wide_area_application_engine:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4B05D957-4CD3-4489-B8AC-05DE3E8DC2D1"
},
{
"criteria": "cpe:2.3:h:cisco:wide_area_application_engine_nm-wae-502:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "02245BBD-6655-4604-B158-C71D28736754"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3773CE5E-D27E-46A0-B2EC-4693747FCFD3"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:4.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A813F07A-0429-4C5F-B821-EDAB74B93072"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]