Lucene search

Kaspersky LabKLA10613

HistoryJul 08, 2014 - 12:00 a.m.

KLA10613 Denial of service vulnerability in Microsoft Service Bus

2014-07-0800:00:00

Kaspersky Lab

threats.kaspersky.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON

An unspecified vulnerability was found in Microsoft Service Bus. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed AMQP messages.

Original advisories

CVE-2014-2814

Related products

Microsoft-Service-Bus

CVE list

CVE-2014-2814 warning

KB list

2972621

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

Affected Products

Microsoft Service Bus 1.1

References

support.microsoft.com/kb/2972621

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-2814

statistics.securelist.com/

threats.kaspersky.com/en/product/Microsoft-Service-Bus/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.5

Confidence

High

EPSS

0.005

Percentile

76.8%

JSON

Related for KLA10613