Detections
Analytics
Cisco Web Security Appliance Multiple Vulnerabilities
critical Nessus Plugin ID 86916
Language:
Synopsis
The remote security appliance is missing a vendor-supplied patch.Description
According to its self-reported version, the Cisco Web Security Appliance (WSA) running on the remote host is affected by the following vulnerabilities :- A denial of service vulnerability exists due to a failure to free memory objects when retrieving data from the proxy server to terminate a TCP connection. An unauthenticated, remote attacker can exploit this, by opening a large number of proxy connections, to cause exhaustion of memory, resulting in the WSA to stop passing traffic. (CVE-2015-6292)
- A denial of service vulnerability exists due to a failure to free memory when a file range is requested.
An unauthenticated, remote attacker can exploit this, by opening multiple connections that request file ranges, to cause exhaustion of memory, resulting in the WSA to stop passing traffic. (CVE-2015-6293)
- A flaw exists in the certificate generation process due to improper validation of parameters passed to the affected scripts of the web interface. An authenticated, remote attacker can exploit this, via crafted arguments to the parameters, to execute arbitrary commands on the system with root level privileges. (CVE-2015-6298)
- A denial of service vulnerability exists due to improper handling of TCP packets sent at a high rate. An unauthenticated, remote attacker can exploit this to exhaust all available memory, preventing any more TCP connections from being accepted. (CVE-2015-6321)
Solution
Apply the relevant updates referenced in Cisco Security Advisories cisco-sa-20151104-aos, cisco-sa-20151104-wsa, cisco-sa-20151104-wsa1, and cisco-sa-20151104-wsa2.See Also
http://www.nessus.org/u?561dad7b
http://www.nessus.org/u?9afe6628
Plugin Details
Severity: Critical
ID: 86916
File Name: cisco-sa-20151104-aos_wsa.nasl
Version: 1.8
Type: local
Family: CISCO
Published: 11/18/2015
Updated: 5/20/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 9
Temporal Score: 6.7
Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSS Score Source: CVE-2015-6298
CVSS v3
Risk Factor: Critical
Base Score: 9.9
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/h:cisco:web_security_appliance, cpe:/a:cisco:web_security_appliance, cpe:/o:cisco:web_security_appliance, cpe:/o:cisco:asyncos
Required KB Items: Host/AsyncOS/Cisco Web Security Appliance/DisplayVersion, Host/AsyncOS/Cisco Web Security Appliance/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 11/4/2015
Vulnerability Publication Date: 11/4/2015
Reference Information
CVE: CVE-2015-6292, CVE-2015-6293, CVE-2015-6298, CVE-2015-6321
CISCO-SA: cisco-sa-20151104-aos, cisco-sa-20151104-wsa, cisco-sa-20151104-wsa1, cisco-sa-20151104-wsa2
CISCO-BUG-ID: CSCur39155, CSCus10922, CSCus83445, CSCuu29304, CSCzv95795