PT-2015-7157 · Cisco · Cisco Web Security Appliance
Published
2015-11-06
·
Updated
2016-12-07
·
CVE-2015-6293
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Web Security Appliance (WSA) versions 8.0.0 through 8.0.7,
Cisco Web Security Appliance (WSA) versions 8.1.x,
Cisco Web Security Appliance (WSA) versions 8.5.0 through 8.5.2,
Cisco Web Security Appliance (WSA) versions 8.6.x,
Cisco Web Security Appliance (WSA) versions 8.7.0 through 8.7.0-170,
Cisco Web Security Appliance (WSA) versions 8.8.0 through 8.8.0-084
Description
The issue allows remote attackers to cause a denial of service via multiple file-range requests.
Recommendations
For versions 8.0.0 through 8.0.7, update to version 8.0.8-113 or later.
For versions 8.1.x, update to version 8.5.3-051 or later.
For versions 8.5.0 through 8.5.2, update to version 8.5.3-051 or later.
For versions 8.6.x, update to version 8.7.0-171-LD or later.
For versions 8.7.0 through 8.7.0-170, update to version 8.7.0-171-LD or later.
For versions 8.8.0 through 8.8.0-084, update to version 8.8.0-085 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Web Security Appliance