Vulnerabilities > Cisco > WEB Security Appliance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-02 | CVE-2016-1440 | Resource Management Errors vulnerability in Cisco web Security Appliance The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. | 5.3 |
| 2016-06-08 | CVE-2016-1405 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. | 7.5 |
| 2016-05-25 | CVE-2016-1381 | Resource Management Errors vulnerability in Cisco web Security Appliance Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270. | 7.5 |
| 2016-05-25 | CVE-2016-1380 | Improper Input Validation vulnerability in Cisco web Security Appliance Cisco AsyncOS 8.0 before 8.0.6-119 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (proxy-process hang) via a crafted HTTP POST request, aka Bug ID CSCuo12171. | 7.5 |
| 2016-03-03 | CVE-2016-1288 | Improper Input Validation vulnerability in Cisco web Security Appliance 8.5.0497/9.0.0193 The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840. | 5.3 |
| 2016-01-20 | CVE-2016-1296 | 7PK - Security Features vulnerability in Cisco web Security Appliance 8.5.3055/9.1.0000/9.5.0235 The proxy engine on Cisco Web Security Appliance (WSA) devices with software 8.5.3-055, 9.1.0-000, and 9.5.0-235 allows remote attackers to bypass intended proxy restrictions via a malformed HTTP method, aka Bug ID CSCux00848. | 7.5 |