CVE-2015-6421

Published: Jan 27, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Virtual WAAS (vWAAS) devices 5.x before 5.3.5d and 5.4 and 5.5 before 5.5.3 allows remote attackers to cause a denial of service (resource consumption and device reload) via crafted network traffic, aka Bug ID CSCus85330.

Affected (13)

Products: Cisco: Wide Area Application Services

Cisco

1 product

Wide Area Application Services

Configuration A

13 vulnerable

Vulnerable Software	Affected Versions
Cisco Wide Area Application Services	Version 5.1.1
Cisco Wide Area Application Services	Version 5.1.1a
Cisco Wide Area Application Services	Version 5.1.1b
Cisco Wide Area Application Services	Version 5.1.1c
Cisco Wide Area Application Services	Version 5.1.1d
Cisco Wide Area Application Services	Version 5.2.1
Cisco Wide Area Application Services	Version 5.2_base
Cisco Wide Area Application Services	Version 5.3.1
Cisco Wide Area Application Services	Version 5.3.3
Cisco Wide Area Application Services	Version 5.3.5
Cisco Wide Area Application Services	Version 5.3.5a
Cisco Wide Area Application Services	Version 5.3.5b
Cisco Wide Area Application Services	Version 5.3.5c

Related CWEs

CWE-399

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1034831

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1034831

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.