CVE-2019-1886
published 2019-07-04CVE-2019-1886: A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of…
high8.6CVSS 3.1
AVNACLPRNUINSCCNINAH
A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | asyncos | >= 10.5 < 10.5.5-005 | 10.5.5-005 |
| cisco | asyncos | >= 11.5 < 11.5.2-020 | 11.5.2-020 |
| cisco | cisco_web_security_appliance | >= unspecified < 10.5.5-005 | 10.5.5-005 |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance | — | — |
| cisco | web_security_appliance_https | — | — |