Web Security Appliance@9.0.0-193 Security Vulnerabilities and Issues — Web Security Appliance@9.0.0-193 CVE List

Lucene search

CiscoWeb Security Appliance9.0.0-193

8 matches found

CVE•added 2017/07/25 7:29 p.m.•60 views

CVE-2017-6751

A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypa...

7.5CVSS7.5AI score0.00469EPSS

CVE•added 2015/07/29 1:59 a.m.•41 views

CVE-2015-0732

Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or...

4.3CVSS5.9AI score0.00296EPSS

CVE•added 2016/07/02 2:59 p.m.•41 views

CVE-2016-1440

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

5.3CVSS5.4AI score0.00445EPSS

CVE•added 2016/10/28 10:59 a.m.•40 views

CVE-2016-6360

A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Ci...

7.5CVSS7.3AI score0.01361EPSS

CVE•added 2016/10/28 10:59 a.m.•39 views

CVE-2016-6372

A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering...

7.5CVSS7.7AI score0.0027EPSS

CVE•added 2016/09/17 2:59 a.m.•35 views

CVE-2016-6407

Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.

7.5CVSS7.5AI score0.01199EPSS

CVE•added 2016/03/03 10:59 p.m.•34 views

CVE-2016-1288

The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840.

5.3CVSS5.3AI score0.00445EPSS

CVE•added 2016/05/25 1:59 a.m.•34 views

CVE-2016-1381

Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270.

7.8CVSS7.4AI score0.00486EPSS