Cisco Web Security Appliance is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause unexpected restart of the proxy process; denying service to legitimate users.
This issue is being tracked by Cisco Bug ID CSCvo33747.
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 109049 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2019-1886 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 03 2019 12:00AM |
| Updated: | Jul 03 2019 12:00AM |
| Credit: | Cisco |
| Vulnerable: | Cisco Web Security Appliance 11.7.0-FCS-334 Cisco Web Security Appliance 10.5.2-072 Cisco Cisco Web Security Appliance 10.5.3-025 Cisco AsyncOS Software 11.5 Cisco AsyncOS Software 10.5 Cisco AsyncOS Software 10.1 Cisco AsyncOS Software 10.0 |
| Not Vulnerable: | Cisco Web Security Appliance 11.7.0-FCS-418 Cisco Web Security Appliance 11.7.0-418 Cisco Web Security Appliance 11.7.0-406 Cisco Web Security Appliance 11.5.2-020 Cisco Web Security Appliance 10.5.5-005 Cisco AsyncOS Software 11.5.2-020 Cisco AsyncOS Software 10.5.5-005 |
References:
from SecurityFocus Vulnerabilities https://ift.tt/2RU6KQr
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.