CVE-2015-6287Cisco WEB Security Virtual Appliance vulnerability

CWE-3994 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
0.7%
top 27.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco WEB Security Virtual Appliance
Timeline
PublishedSep 14
Latest updateMay 17

Description

Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDcisco/web_security_virtual_appliance8.0.5, 8.0.6, 8.0_base+2

🔴Vulnerability Details

2
GHSA
GHSA-r224-hwf4-6cww: Cisco Web Security Appliance (WSA) 82022-05-17
CVEList
CVE-2015-6287: Cisco Web Security Appliance (WSA) 82015-09-14

📋Vendor Advisories

1
Cisco
Cisco Web Security Appliance DNS Resolution Vulnerability2015-09-09
CVE-2015-6287 — Cisco vulnerability | cvebase