CVE-2019-1672

Name of the Vulnerable Software and Affected Versions Cisco Web Security Appliance versions 10.1.x through 10.5.x

Description The issue is related to the incorrect handling of SSL-encrypted traffic in the Decryption Policy Default Action functionality. This could allow a remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The attacker could exploit this by sending a SSL connection through the affected device, potentially bypassing a configured drop policy to block specific SSL connections.

Recommendations For versions 10.1.x through 10.5.x, consider disabling the Decrypt for End-User Notification feature in the configuration as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.