Cisco Web Security Appliance vulnerabilities
57 known vulnerabilities affecting cisco/web_security_appliance.
Total CVEs: 57
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 26, MEDIUM 29
Vulnerabilities
Page 3 of 3
CVE-2016-1381 | HIGH | CVSS 7.5 | v8.5.0-497, v8.5.0.000 +8 more | 2016-05-25
CVE-2016-1381 [HIGH] CWE-399
Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270.
nvd
CVE-2016-1380 | HIGH | CVSS 7.5 | v8.0.0-000, v8.0.5 +12 more | 2016-05-25
CVE-2016-1380 [HIGH] CWE-20
Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171.
nvd
CVE-2016-1383 | HIGH | CVSS 7.5 | v5.6.0-623, v6.0.0-000 +25 more | 2016-05-25
CVE-2016-1383 [HIGH] CWE-399
Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305.
nvd
CVE-2016-1288 | MEDIUM | CVSS 5.3 | v9.0.0-193, v8.5.0-497 | 2016-03-03
CVE-2016-1288 [MEDIUM] CWE-20
The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840.
nvd
CVE-2016-1296 | HIGH | CVSS 7.5 | v8.5.3-055, v9.1.0-000 +1 more | 2016-01-20
CVE-2016-1296 [HIGH] CWE-254
The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848.
nvd
CVE-2015-6386 | MEDIUM | CVSS 5.0 | v8.0.7-142, v8.5.1-021 | 2015-12-01
CVE-2015-6386 [MEDIUM] CWE-399
The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote attackers to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID CSCut94150.
nvd
CVE-2015-6298 | CRITICAL | CVSS 9.0 | v8.5.0-497 | 2015-11-06
CVE-2015-6298 [CRITICAL] CWE-78
The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted certificate-generation arguments, aka Bug ID CSCus83445.
nvd
CVE-2015-6293 | HIGH | CVSS 7.8 | v8.0.0-000, v8.0.5 +7 more | 2015-11-06
CVE-2015-6293 [HIGH] CWE-399
Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple file-range requests, aka Bug ID CSCur39155.
nvd
CVE-2015-6292 | HIGH | CVSS 7.8 | v8.0.0-000, v8.0.5 +4 more | 2015-11-06
CVE-2015-6292 [HIGH] CWE-399
The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple proxy connections, aka Bug ID CSCus10922.
nvd
CVE-2015-6321 | HIGH | CVSS 7.8 | v5.6.0-623, v6.0.0-000 +8 more | 2015-11-06
CVE-2015-6321 [HIGH] CWE-399
Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance
nvd
CVE-2015-4288 | MEDIUM | CVSS 4.3 | v8.5.0-000 | 2015-07-29
CVE-2015-4288 [MEDIUM] CWE-310
The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka B
nvd
CVE-2015-0732 | MEDIUM | CVSS 4.3 | v9.0.0-193 | 2015-07-29
CVE-2015-0732 [MEDIUM] CWE-79
Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuu37
nvd
CVE-2015-4198 | MEDIUM | CVSS 4.3 | v8.5.0-497 | 2015-06-20
CVE-2015-4198 [MEDIUM] CWE-79
Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409.
nvd
CVE-2015-0738 | MEDIUM | CVSS 4.3 | v8.5.0-497 | 2015-05-17
CVE-2015-0738 [MEDIUM] CWE-79
Cross-site scripting (XSS) vulnerability in the Web Tracking Report page on Cisco Web Security Appliance (WSA) devices 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCuu16008.
nvd
CVE-2015-0693 | HIGH | CVSS 7.2 | v8.5_base | 2015-04-15
CVE-2015-0693 [HIGH] CWE-20
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via a crafted pickle file, aka Bug ID CSCut39259.
nvd
CVE-2015-0698 | MEDIUM | CVSS 4.3 | ≤ 8.5.0-497 | 2015-04-15
CVE-2015-0698 [MEDIUM] CWE-79
Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCut39213.
nvd
CVE-2015-0692 | HIGH | CVSS 7.2 | v8.5_base | 2015-04-11
CVE-2015-0692 [HIGH] CWE-264
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via crafted serialized objects, aka Bug ID CSCut39230.
nvd