Vulnerabilities > Cisco > WEB Security Appliance > 7.5.0.000

DATE CVE VULNERABILITY TITLE RISK
2016-10-28 CVE-2016-6372 Improper Input Validation vulnerability in Cisco Email Security Appliance and web Security Appliance
A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device.
network
low complexity
cisco CWE-20
7.5
2016-09-17 CVE-2016-6407 Resource Management Errors vulnerability in Cisco web Security Appliance
Cisco AsyncOS through 9.5.0-444 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (link saturation) by making many HTTP requests for overlapping byte ranges simultaneously, aka Bug ID CSCuz27219.
network
low complexity
cisco CWE-399
7.5
2016-07-02 CVE-2016-1440 Resource Management Errors vulnerability in Cisco web Security Appliance
The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.
network
low complexity
cisco CWE-399
5.3