5
CVSSv2

CVE-2016-1288

Published: 03/03/2016 Updated: 30/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The HTTPS Proxy feature in Cisco AsyncOS prior to 8.5.3-051 and 9.x prior to 9.0.0-485 on Web Security Appliance (WSA) devices allows remote malicious users to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco web security appliance 8.5.0-497

cisco web security appliance 9.0.0-193

Vendor Advisories

A vulnerability in the web proxy framework of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker with the ability to negotiate a secure connection from within the trusted network to cause a denial of service (DoS) condition on the affected device The vulnerability is due to incorrect processing of HTTPS packet ...