Vulnerabilities > CVE-2015-6386 - Resource Management Errors vulnerability in Cisco web Security Appliance 8.0.7142/8.5.1021

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cisco
CWE-399

Summary

The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote attackers to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID CSCut94150.

Vulnerable Configurations

Part Description Count
Application
Cisco
2

Common Weakness Enumeration (CWE)