Published: 20/01/2016 Updated: 07/12/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote malicious users to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco web security appliance 9.1.0-000
cisco web security appliance 9.5.0-235
cisco web security appliance 8.5.3-055

A vulnerability in the proxy engine of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass security restrictions The vulnerability is due to improper handling of malformed HTTP methods An attacker could exploit this vulnerability by crafting an improper HTTP method A successful exploit could allow t ...

Cisco patches borked web box proxy hole

The Register • Team Register • 20 Jan 2016

Malformed HTTP methods blamed

Cisco has patched a vulnerability in its Web Security Appliance that allows unauthenticated remote attackers to bypass security controls. The bug (CVE-2016-1296) allows attackers to use proxies when such traffic should be restricted. Affected users of versions 8.5.3-055, 9.1.0-000, and 9.5.0-235 should apply the released fix. With all due haste, please, as no workarounds are available. The Borg says the hole is thanks to malformed HTTP methods. "A vulnerability in the proxy engine of the Cisco W...

CVE-2016-1296

Vulnerability Summary

Vendor Advisories

Recent Articles

References

Vulmon Search

About

Products

Connect