Executive Summary

Title : Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability
Name : cisco-sa-20160302-wsa
First vendor Publication : 2016-03-02
Vendor : Cisco
Last vendor Modification : 2016-03-02
Severity (Vendor) : N/A
Revision : 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score : NA
Base Score : NA
Environmental Score : NA
Impact SubScore : NA
Temporal Score : NA
Exploitability Sub Score : NA

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score : 5
Attack Range : Network
Cvss Impact Score : 2.9
Attack Complexity : Low
Cvss Exploit Score : 10
Authentication : None Required


A vulnerability in the web proxy framework of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker with the ability to negotiate a secure connection from within the trusted network to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of HTTPS packets. An attacker could exploit this vulnerability by sending a malformed HTTPS request packet through the affected device. A successful exploit could allow an attacker to create a DoS condition, causing all requests traversing the WSA to be dropped. The condition is temporary and no manual intervention is required to restore functionality.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

Application 1
Os 1

Nessus® Vulnerability Scanner

Date Description
2016-03-09 Name : The remote security appliance is affected by a denial of service vulnerability.
File : cisco-sa-20160302-wsa.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2016-03-11 00:29:09
  • Multiple Updates
2016-03-10 13:25:20
  • Multiple Updates
2016-03-03 00:24:56
  • Multiple Updates
2016-03-03 00:20:38
  • First insertion