Cisco Web Security Appliance vulnerabilities
57 known vulnerabilities affecting cisco/web_security_appliance.
Total CVEs: 57
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 26, MEDIUM 29
Vulnerabilities (page 2 of 3)
CVE-2018-0366 | MEDIUM | CVSS 6.1 | affected: v10.1.2-003, v10.5.1-276 | 2018-07-16
CWE-79: A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the
Source: nvd
CVE-2018-0353 | HIGH | CVSS 7.5 | affected: v10.5.1, v10.5.1-296, +3 more | 2018-06-07
CWE-254: A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. The vulnerability is due to a change in the underlying operating system software that is responsible for monitoring affected traf
Source: nvd
CVE-2017-6783 | MEDIUM | CVSS 4.3 | affected: v10.0.0-230 | 2017-08-17
CWE-200: A vulnerability in SNMP polling for the Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to discover confidential information about the appliances that should be available only to an administrative user. The vulnerability occurs because the
Source: nvd
CVE-2017-6746 | HIGH | CVSS 7.2 | affected: v10.0.0-233, v10.0_base, +9 more | 2017-07-25
CWE-20: A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid administrator credentials. Affected Products: Cisco AsyncOS Software 10.0 and later for WSA on both virtual and hardware applian
Source: nvd
CVE-2017-6751 | HIGH | CVSS 7.5 | affected: v9.0.0-162, v9.0.0-193, +4 more | 2017-07-25
CWE-20: A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware
Source: nvd
CVE-2017-6750 | HIGH | CVSS 7.5 | affected: v10.0.0-232, v10.0.0-233, +8 more | 2017-07-25
CWE-1188: A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware version
Source: nvd
CVE-2017-6748 | MEDIUM | CVSS 6.7 | affected: v10.0.0-232, v10.0.0-233, +8 more | 2017-07-25
CWE-74: A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Applianc
Source: nvd
CVE-2017-6749 | MEDIUM | CVSS 5.4 | affected: v10.0.0-232, v10.0.0-233, +9 more | 2017-07-25
CWE-79: A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA)
Source: nvd
CVE-2017-3870 | MEDIUM | CVSS 5.8 | affected: v8.5.3-069, v9.1.1-074, +1 more | 2017-03-17
CWE-119: A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA
Source: nvd
CVE-2017-3827 | MEDIUM | CVSS 5.8 | affected: v10.0.0-082, v10.0.0-124, +3 more | 2017-02-22
CWE-20: A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass configured user filters on the device. Affected Products: This vulnerability affects all releases prior to the first f
Source: nvd
CVE-2016-6469 | HIGH | CVSS 7.5 | affected: v9.0.1-162, v9.1.1-074 | 2016-12-14
CWE-399: A vulnerability in HTTP URL parsing of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) vulnerability due to the proxy process unexpectedly restarting. More Information: CSCvb04312. Known Affected Releases: 9.0.1-162 9.1.1-074. Known Fixed Releases: 10.1.0-129 9.1.2-0
Source: nvd
CVE-2016-9212 | HIGH | CVSS 7.5 | affected: v9.0.1-162, v9.1.1-074 | 2016-12-14
CWE-20: A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. Af
Source: nvd
CVE-2016-1411 | MEDIUM | CVSS 5.9 | affected: v7.7.0-608, v7.7.5-835, +1 more | 2016-12-14
CWE-310: A vulnerability in the update functionality of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Management Security Appliance (SMA) could allow an unauthenticated, remote attacker to impersonate the update server. More Information: CSCul88715, CSCul94617, CSCul94627. Known Affected
Source: nvd
CVE-2016-6372 | HIGH | CVSS 7.5 | affected: v5.6.0-623, v6.0.0-000, +39 more | 2016-10-28
CWE-20: A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. Emails that should
Source: nvd
CVE-2016-6360 | HIGH | CVSS 7.5 | affected: v8.8.0-085, v9.0.0-193, +8 more | 2016-10-28
CWE-20: A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. Affected Products: Cisco AsyncOS Software for Email Security Appliances (ESA)
Source: nvd
CVE-2016-6416 | MEDIUM | CVSS 5.9 | affected: v9.0.0-162, v9.1.0-000, +6 more | 2016-10-05
CWE-119: The FTP service in Cisco AsyncOS on Email Security Appliance (ESA) devices 9.6.0-000 through 9.9.6-026, Web Security Appliance (WSA) devices 9.0.0-162 through 9.5.0-444, and Content Security Management Appliance (SMA) devices allows remote attackers to cause a denial of service via a flood of FTP traffic, aka Bug IDs CSCuz82907, CSCuz84330, and CSCuz8
Source: nvd
CVE-2016-6407 | HIGH | CVSS 7.5 | affected: v5.6.0-623, v6.0.0-000, +39 more | 2016-09-17
CWE-399: Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.
Source: nvd
CVE-2016-1440 | MEDIUM | CVSS 5.3 | affected: v5.6.0-623, v6.0.0-000, +35 more | 2016-07-02
CWE-399: The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.
Source: nvd
CVE-2016-1405 | HIGH | CVSS 7.5 | affected: v8.8.0-085, v9.1.0-070, +1 more | 2016-06-08
CWE-119: libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv7
Source: nvd
CVE-2016-1382 | HIGH | CVSS 7.5 | affected: v5.6.0-623, v6.0.0-000, +25 more | 2016-05-25
CWE-20: Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529.
Source: nvd