Published: 06/11/2015 Updated: 07/12/2016

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

The proxy-cache implementation in Cisco AsyncOS 8.0.x prior to 8.0.7-151, 8.1.x and 8.5.x prior to 8.5.2-004, 8.6.x and 8.7.x prior to 8.7.0-171-LD, and 8.8.x prior to 8.8.0-085 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (memory consumption) via multiple proxy connections, aka Bug ID CSCus10922.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco web security appliance 8.0.0-000
cisco web security appliance 8.0.5
cisco web security appliance 8.5.0.000
cisco web security appliance 8.5.0-497
cisco web security appliance 8.0.6-119
cisco web security appliance 8.0.6

A vulnerability in the proxy cache functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition because the device runs out of system memory The vulnerability is due to improper memory operations by the affected software The software fails to fr ...

CWE-399 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa1 http://www.securitytracker.com/id/1034062 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa1

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-6292

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect