A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote malicious user to bypass a configured rule, allowing traffic onto a network that should have been blocked. This vulnerability is due to improper detection of malicious traffic when the traffic is encoded with a specific content format. An attacker could exploit this vulnerability by using an affected device to connect to a malicious server and receiving crafted HTTP responses. A successful exploit could allow the malicious user to bypass an explicit block rule and receive traffic that should have been rejected by the device.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco asyncos 11.7.0-406 |
||
cisco asyncos 11.7.0-418 |
||
cisco asyncos 11.7.1-006 |
||
cisco asyncos 11.7.1-020 |
||
cisco asyncos 11.7.1-049 |
||
cisco asyncos 11.7.2-011 |
||
cisco asyncos 11.8.0-414 |
||
cisco asyncos 11.8.1-023 |
||
cisco asyncos 11.8.3-018 |
||
cisco asyncos 11.8.3-021 |
||
cisco asyncos 12.0.1-268 |
||
cisco asyncos 12.0.3-007 |
||
cisco asyncos 12.5.1-011 |
||
cisco asyncos 12.5.2-007 |
||
cisco asyncos 12.5.4-005 |
||
cisco asyncos 12.5.5-004 |
||
cisco asyncos 14.0.2-012 |
||
cisco asyncos 14.0.3-014 |
||
cisco asyncos 14.0.4-005 |
||
cisco asyncos 14.5.0-498 |
||
cisco asyncos 14.5.1-008 |
||
cisco asyncos 14.5.1-016 |
Vulmon