CVE-2013-3385

Name of the Vulnerable Software and Affected Versions Cisco Web Security Appliance versions prior to 7.1.3-013 Cisco Web Security Appliance versions prior to 7.5.0-838 Cisco Web Security Appliance versions prior to 7.7.0-602 Cisco Email Security Appliance versions prior to 7.1.5-106 Cisco Email Security Appliance versions 7.3 Cisco Email Security Appliance versions 7.5 Cisco Email Security Appliance versions 7.6 prior to 7.6.3-019 Cisco Content Security Management Appliance versions prior to 7.9.1-102 Cisco Content Security Management Appliance versions 8.0 prior to 8.0.0-404

Description The management GUI in the web framework allows remote attackers to cause a denial of service via a series of HTTP or HTTPS requests to a management interface.

Recommendations For Cisco Web Security Appliance versions prior to 7.1.3-013, update to version 7.1.3-013 or later. For Cisco Web Security Appliance versions prior to 7.5.0-838, update to version 7.5.0-838 or later. For Cisco Web Security Appliance versions prior to 7.7.0-602, update to version 7.7.0-602 or later. For Cisco Email Security Appliance versions prior to 7.1.5-106, update to version 7.1.5-106 or later. For Cisco Email Security Appliance version 7.3, update to a fixed version. For Cisco Email Security Appliance version 7.5, update to a fixed version. For Cisco Email Security Appliance versions 7.6 prior to 7.6.3-019, update to version 7.6.3-019 or later. For Cisco Content Security Management Appliance versions prior to 7.9.1-102, update to version 7.9.1-102 or later. For Cisco Content Security Management Appliance versions 8.0 prior to 8.0.0-404, update to version 8.0.0-404 or later.