PT-2016-4749 · Cisco · Cisco Web Security Appliance

Published: 2016-05-25 · Updated: 2016-12-01 · CVE-2016-1382

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Cisco Web Security Appliance (WSA) versions prior to 8.5.3-069

Cisco Web Security Appliance (WSA) versions 8.6 through 8.8

Description

The issue is related to the mishandling of memory allocation for HTTP requests. This allows remote attackers to cause a denial of service, resulting in a proxy-process reload, via a crafted request.

Recommendations

For versions prior to 8.5.3-069, update to version 8.5.3-069 or later. For versions 8.6 through 8.8, update to a version outside of this range, as no specific fixed version within the range is provided. As a temporary workaround, consider restricting access to the HTTP request handling component to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2016-1382

Affected Products

Cisco Web Security Appliance