Cisco Web Security Appliance HTTP URL Denial of Service Vulnerability CVE-2016-6469
- CVSSv3 Score
- Vulnerability description
A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting.
- Risk description
The vulnerability is due to improper input validation of the HTTP URL string. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to cause a DoS condition due to the proxy process restarting.
See the referenced vendor advisory for a solution.
- Not available