Remote Code Execution in Cisco WAAS Products Due to Vulnerability in SharePoint Optimization
CVE-2014-2196

Currently unrated

Key Information:

Vendor: Cisco
Status: Wide Area Application Services
Vendor: CVE Published:; 26 May 2014

Summary

The vulnerability in Cisco Wide Area Application Services (WAAS) occurs when SharePoint prefetch optimization is enabled and the application fails to properly validate responses from remote SharePoint servers. This can allow attackers to execute arbitrary code on affected systems by sending specially crafted responses, posing a significant risk to network integrity and security.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1030265

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 26, 2014
Vulnerability Reserved
Feb 25, 2014