Vulnerabilities > CVE-2016-6407 - Resource Management Errors vulnerability in Cisco web Security Appliance

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cisco
CWE-399

Summary

Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.

Vulnerable Configurations

Part Description Count
Application
Cisco
41

Common Weakness Enumeration (CWE)