Vulnslist

find the latest Cisco vulnerabilities

Cisco Wide Area Application Service CIFS Denial of Service Vulnerability

cisco-sa-20160127-waascifs · High · Published · Updated

A vulnerability in the Common Internet File System (CIFS) optimization feature of the Cisco Wide Area Application Service (WAAS) device could allow an unauthenticated, remote attacker to perform a resource consumption attack, which could result in a complete denial of service (DoS) condition.

The vulnerability is due to insufficient flow handling of incoming CIFS traffic. An attacker could exploit this vulnerability by sending malicious traffic designed to trigger the vulnerability. An exploit could allow the attacker to cause a DoS condition by exhausting system buffering resources, resulting in a reload of the affected device.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs

Workarounds

The workaround for this vulnerability is to configure the following command at the WAAS CLI:

# accelerator cifs expert RxCIFS IOCTLHandling true

This command disables part of the cifs-ao optimization process. The workaround causes some requests to be sent without being locally processed, which may cause a minor performance impact in the optimization of CIFS traffic.

CVEs: CVE-2015-6421
Cisco Bug IDs: CSCus85330
CVSS Score: Base 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C)
Product Names From Source: Cisco Wide Area Application Services (WAAS)
