CVE-2016-6437
Published Oct 27, 2016
Last updated 7 years ago
Overview
- Description
- A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).
- Source
- ykramarz@cisco.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 5.9
- Impact score
- 3.6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 6.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:C
Weaknesses
- nvd@nist.gov
- CWE-399
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42AE57F9-A8CB-4B16-9E0E-0214472A5965"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B91434B8-5A74-4A35-98BE-DE29315BD6A0"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A2A6770-320F-4D57-B730-9B00CD2C1CAB"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "595C3309-19F5-411D-97D2-E0E162623BF1"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D69269F3-CD7E-48C4-8EF3-3AB019F0D8B0"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5c:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EC3F275-173F-4E95-A8A7-7A0142DC24DC"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5d:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A34DCC03-91F1-4894-9348-39FBFA7E7296"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5e:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6381E3F-F727-436B-8999-6CDFC64AE372"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:5.3.5f:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F7147FD-908D-4710-BA1F-4D34F5DC4EE5"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:6.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2006878-8AE8-4862-9C0C-11A5D8881392"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:6.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A0FF4E7-67C4-4CCB-9F65-BEFB8ECD9A05"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:6.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "824B8C4F-EE4C-4654-BA85-B9AB68BF4491"
},
{
"criteria": "cpe:2.3:a:cisco:wide_area_application_services:6.2.1a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F29DEA22-F270-44C9-8A6D-F7563A4AE6A5"
}
],
"operator": "OR"
}
]
}
]