The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote malicious users to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848.
Vulnerable Product |
---|
cisco web security appliance 9.1.0-000 |
cisco web security appliance 9.5.0-235 |
cisco web security appliance 8.5.3-055 |
Malformed HTTP methods blamed
Cisco has patched a vulnerability in its Web Security Appliance that allows unauthenticated remote attackers to bypass security controls. The bug (CVE-2016-1296) allows attackers to use proxies when such traffic should be restricted. Affected users of versions 8.5.3-055, 9.1.0-000, and 9.5.0-235 should apply the released fix. With all due haste, please, as no workarounds are available. The Borg says the hole is thanks to malformed HTTP methods. "A vulnerability in the proxy engine of the Cisco W...