HomePentest-Tools.com Logo

Cisco Web Security Appliance HTTP URL Denial of Service Vulnerability CVE-2016-6469

Severity
CVSSv3 Score
7.5
Vulnerability description

A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting.

Risk description

The vulnerability is due to improper input validation of the HTTP URL string. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process restarting.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 14, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available