Lucene search

K
CiscoWeb Security Appliance8.5.0-497

11 matches found

CVE
CVE
added 2015/11/06 3:59 a.m.49 views

CVE-2015-6293

Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple file-range requests, aka Bug ID CSCur3...

7.8CVSS6.9AI score0.00887EPSS
CVE
CVE
added 2015/11/06 11:59 a.m.48 views

CVE-2015-6292

The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple pr...

7.8CVSS6.9AI score0.00887EPSS
CVE
CVE
added 2016/05/25 1:59 a.m.41 views

CVE-2016-1380

Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171.

7.8CVSS7.3AI score0.00192EPSS
CVE
CVE
added 2016/07/02 2:59 p.m.41 views

CVE-2016-1440

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

5.3CVSS5.4AI score0.00445EPSS
CVE
CVE
added 2015/06/20 2:59 p.m.40 views

CVE-2015-4198

Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409.

4.3CVSS6AI score0.00416EPSS
CVE
CVE
added 2016/10/28 10:59 a.m.39 views

CVE-2016-6372

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering...

7.5CVSS7.7AI score0.0027EPSS
CVE
CVE
added 2015/05/17 1:59 a.m.38 views

CVE-2015-0738

Cross-site scripting (XSS) vulnerability in the Web Tracking Report page on Cisco Web Security Appliance (WSA) devices 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCuu16008.

4.3CVSS6AI score0.00263EPSS
CVE
CVE
added 2015/11/06 11:59 a.m.36 views

CVE-2015-6298

The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted certificate-generation arg...

9CVSS6.5AI score0.00456EPSS
CVE
CVE
added 2016/09/17 2:59 a.m.35 views

CVE-2016-6407

Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.

7.5CVSS7.5AI score0.01199EPSS
CVE
CVE
added 2016/03/03 10:59 p.m.34 views

CVE-2016-1288

The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840.

5.3CVSS5.3AI score0.00445EPSS
CVE
CVE
added 2016/05/25 1:59 a.m.34 views

CVE-2016-1381

Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270.

7.8CVSS7.4AI score0.00486EPSS