The Visio Graphics Service has a minimum cache age setting that may cause a security issue ((SharePoint Server)

APPLIES TO: yes-img-132013 yes-img-162016 yes-img-192019 yes-img-seSubscription Edition no-img-sopSharePoint in Microsoft 365

Rule Name: The Visio Graphics Service has a minimum cache age setting that may cause a security issue

Summary: Setting Minimum Cache Age to 0 minutes may leave the Visio Graphics Service open to a denial of service (DoS) attack. A value of 0 for this setting might lead to large processor and network load of the Visio Graphics Service and SharePoint Server, decreasing the expected performance of both. However, increasing this value means that users will not see their data-connected diagrams refreshing as frequently.

Cause: The Minimum Cache Age setting was set to 0 minutes.

Resolution: Increase the value of the Minimum Cache Age setting

  1. Verify that the user account that is performing this procedure is an administrator of the Visio Graphics Service service application.

  2. In Central Administration, on the Home page, in the Application Management section, click Manage service applications.

  3. On the Service Applications page, click the Visio Graphics service application.

  4. On the Manage the Visio Graphics Service page, click Global Settings.

  5. Ensure that the settings have the values that are listed in the following table. If they do not, type the value in the corresponding text box and click OK.

Setting Value
Maximum Web Drawing Size
<= 25 (Megabytes)
Minimum Cache Age
>= 5 (Minutes)
Maximum Cache Age
<= 60 (Minutes)
Maximum Recalc Duration
<= 60 (Seconds)
Maximum Cache Size
>= 5120 (Megabytes)