CVE-2016-6437

Опубликовано: 27 окт. 2016

Источник: nvd

CVSS3: 5.9

CVSS2: 7.1

EPSS Низкий

Описание

A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cisco:wide_area_application_services:5.3.1:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.3:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5a:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5b:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5c:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5d:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5e:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:5.3.5f:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:6.1.0:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:6.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:6.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cisco:wide_area_application_services:6.2.1a:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00711

Низкий

5.9 Medium

CVSS3

7.1 High

CVSS2

Дефекты

CWE-399

Связанные уязвимости

GHSA-mpwr-fprg-72gv