CVE-2016-1382
Published May 25, 2016
Last updated 8 years ago
Overview
- Description
- Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8F24CCD0-DFAB-44D9-B29A-A6D925A83C93"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):5.6.0-623:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28647FC3-A6F5-476D-B75C-B93573350420"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):6.0.0-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3732507-B22B-4410-B93B-A30E157F51C3"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "261EB727-C409-4839-AA11-60192D8D08E6"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "71A96AB4-38C2-477F-9C57-3263DA739F63"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "48EDA671-1858-4112-9F92-F621F553F7C9"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D98BC2CA-0019-4884-88CA-86CFDA96E332"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5BA0694-C26D-4CC1-A372-3ABDC2B2A03B"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.0-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "080702CA-6D92-4054-87A7-61F821C8B327"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.0-825:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A051A86E-6FF5-44E1-85E6-CB818B58CBBC"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.1-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77326395-9F74-43ED-9CA2-C142EB6219E0"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.2-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4CBCCB5E-0AB7-42E9-9264-C8EF27E0FA88"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.7.0-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D80DDAB-272F-4B57-8D5F-B12A11E5FC35"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.7.1-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "847838A1-0305-435B-A4A0-CC476F9B0DB5"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.0-000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5FA9F218-A9AB-4711-9AD0-7A99D9D23168"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC4A2EAF-AF87-489F-B69E-7604CC176752"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6449A831-C0D0-4C43-B1A4-715F560FCABB"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.6-078:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "386D87AD-5552-4103-B1B3-079604746F67"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.6-119:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29B00067-7DFC-426C-94B8-24A48647E03D"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D535C0B-1CBE-4F9E-BA90-31E0496EE354"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.7-142:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33FBBCA4-0526-47FA-A35A-212347A7A188"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.8-mr-113:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7B7C1E4C-21B8-433D-829F-6A84B22ED29D"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.0-497:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E837FF6-2B3C-4AEF-A29C-841A2B332668"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.0.000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6688EAFC-A3F5-4BC0-991B-BD8C158A2CE0"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.1-021:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "253E1900-D6E2-448A-9AE4-8D276912281B"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.2-024:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6644686-C51E-4367-9518-46013F6B3A5F"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.2-027:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6461E708-07E4-487C-B07D-1E9EAE72478E"
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.3-055:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3394552B-CDD0-4F52-A80F-76AF7235E681"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]