Описание
Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:8.5.2-024:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:8.5.2-027:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:8.5.3-055:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:9.0_base:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:9.1.0-000:*:*:*:*:*:*:*
cpe:2.3:a:cisco:web_security_appliance:9.1_base:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01094
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-399
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270.
EPSS
Процентиль: 78%
0.01094
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-399