PT-2015-7177 · Cisco · Cisco Content Security Management Appliance+2
Publicado
2015-11-06
·
Atualizado
2016-12-07
·
CVE-2015-6321
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Email Security Appliance (ESA) versions 8.5.7-042 and earlier, 9.x versions prior to 9.1.0-032, 9.1.x versions prior to 9.1.1-023, and 9.5.x and 9.6.x versions prior to 9.6.0-042
Cisco Content Security Management Appliance (SMA) versions prior to 9.1.0-032, 9.1.1 versions prior to 9.1.1-005, and 9.5.x versions prior to 9.5.0-025
Cisco Web Security Appliance (WSA) versions prior to 7.7.0-725 and 8.x versions prior to 8.0.8-113
Description
The issue allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets.
Recommendations
For Cisco Email Security Appliance (ESA) versions 8.5.7-042 and earlier, 9.x versions prior to 9.1.0-032, 9.1.x versions prior to 9.1.1-023, and 9.5.x and 9.6.x versions prior to 9.6.0-042, update to version 8.5.7-042 or later, 9.1.0-032 or later, 9.1.1-023 or later, or 9.6.0-042 or later respectively.
For Cisco Content Security Management Appliance (SMA) versions prior to 9.1.0-032, 9.1.1 versions prior to 9.1.1-005, and 9.5.x versions prior to 9.5.0-025, update to version 9.1.0-032 or later, 9.1.1-005 or later, or 9.5.0-025 or later respectively.
For Cisco Web Security Appliance (WSA) versions prior to 7.7.0-725 and 8.x versions prior to 8.0.8-113, update to version 7.7.0-725 or later or 8.0.8-113 or later respectively.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Content Security Management Appliance
Cisco Email Security Appliance
Cisco Web Security Appliance