CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2016/05/25 1:0 a.m.•54 views

CVE-2016-1383

Cisco AsyncOS on Web Security Appliance (WSA) up to version 8.8 is affected by CVE-2016-1383 due to a memory handling flaw when processing a certain HTTP response code, causing a denial of service via memory exhaustion. A remote, unauthenticated attacker can exploit this with specially crafted HT...

7.8CVSS7.4AI score0.01094EPSS

Cvelist•added 2016/05/25 1:0 a.m.•18 views

CVE-2016-1381

Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via an HTTP file-range request for cached content, aka Bug ID CSCuw97270...

7.5AI score0.01094EPSS

CVE•added 2016/05/25 1:0 a.m.•44 views

CVE-2016-1382

Cisco AsyncOS on Web Security Appliance (WSA) is affected by CVE-2016-1382 due to improper memory allocation for HTTP requests, enabling unauthenticated remote DoS via crafted HTTP traffic that can trigger a proxy-process reload. Affected versions are Cisco AsyncOS prior to 8.5.3-069 and 8.6 thro...

7.8CVSS7.4AI score0.00486EPSS

Cvelist•added 2016/05/25 1:0 a.m.•25 views

CVE-2016-1380

7.4AI score0.00561EPSS

CVE•added 2016/05/25 1:0 a.m.•41 views

CVE-2016-1381

CVE-2016-1381 concerns Cisco AsyncOS on Web Security Appliance (WSA) versions 8.5–9.0 before 9.0.1-162. The issue is a memory leak in the cached file-range request path: an unauthenticated, remote attacker can open multiple connections that request file ranges from cached content, causing memory ...

7.8CVSS7.4AI score0.01094EPSS

CVE•added 2016/05/25 1:0 a.m.•47 views

CVE-2016-1380

CVE-2016-1380 affects Cisco AsyncOS on Web Security Appliance (WSA): Software versions 8.0 before 8.0.6-119 are vulnerable to a denial of service via a crafted HTTP POST request that causes the proxy process to hang. Exploitation requires no authentication and is remote. The issue stems from impr...

7.8CVSS7.3AI score0.00561EPSS

Cvelist•added 2016/05/25 1:0 a.m.•28 views

CVE-2016-1382

Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance WSA devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service proxy-process reload via a crafted request, aka Bug ID CSCuu02529...

7.4AI score0.00486EPSS

Cvelist•added 2016/05/25 1:0 a.m.•23 views

CVE-2016-1383

Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service memory consumption via an unspecified HTTP status code, aka Bug ID CSCur28305...

7.5AI score0.01094EPSS

myhack58•added 2016/05/24 12:0 a.m.•60 views

Cisco fixes high-risk network security equipment vulnerability-vulnerability warning-the black bar safety net

! These defects can be specially crafted HTTP request to use to cause a denial of service condition The Cisco system had been repaired four denial of service vulnerability these vulnerabilities can be exploited by attackers to cause network security devices to stop properly handle network traffic...

0.9AI score

Exploits0

OpenVAS•added 2016/05/23 12:0 a.m.•18 views

Cisco WSA Multiple Vulnerabilities 05/16

Cisco WSA Software is prone to multiple vulnerabilities. CVE-2016-1380 A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS vulnerability due to the...

7.8CVSS7.7AI score0.01094EPSS

Exploits0References4

CNVD•added 2016/05/19 12:0 a.m.•2 views

Cisco Web Security Appliance AsyncOS Denial of Service Vulnerability (CNVD-2016-03366)

Cisco Web Security Appliance WSA is a set of Web security appliances from the U.S. company Cisco Cisco. The appliance provides SaaS-based access control, real-time network reporting and tracking, and security policy development, etc. Cisco AsyncOS is a set of operating systems running on it. A...

7.8CVSS6.7AI score0.00486EPSS

CNVD•added 2016/05/19 12:0 a.m.•2 views

Cisco Web Security Appliance AsyncOS Denial of Service Vulnerability

7.8CVSS6.7AI score0.00561EPSS

CNVD•added 2016/05/19 12:0 a.m.•2 views

Cisco Web Security Appliance AsyncOS Denial of Service Vulnerability (CNVD-2016-03368)

7.8CVSS6.8AI score0.01094EPSS

Cisco•added 2016/05/18 4:0 p.m.•26 views

Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability

A vulnerability that occurs when parsing an HTTP POST request with Cisco AsyncOS for Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS vulnerability due to the proxy process becoming unresponsive. The vulnerability is due to a lack o...

7.8CVSS7.6AI score0.00561EPSS

Cisco•added 2016/05/18 4:0 p.m.•27 views

Cisco Web Security Appliance Connection Denial of Service Vulnerability

A vulnerability in Cisco AsyncOS for the Cisco Web Security Appliance WSA when the software handles a specific HTTP response code could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an appliance because the appliance runs out of system memory. The...

7.1CVSS7.7AI score0.01094EPSS

Cisco•added 2016/05/18 4:0 p.m.•29 views

Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability

A vulnerability in HTTP request parsing in Cisco AsyncOS for the Cisco Web Security Appliance WSA could allow an unauthenticated, remote attacker to cause a denial of service DoS condition when the proxy process unexpectedly restarts. The vulnerability occurs because the affected software does no...

7.8CVSS7.6AI score0.00486EPSS

OSV•added 2016/03/03 10:59 p.m.•1 views

CVE-2016-1288

The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance WSA devices allows remote attackers to cause a denial of service service outage by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840...

5.3CVSS5.8AI score0.00445EPSS