Vulnerabilites related to cisco - web_security_virtual_appliance
Vulnerability from fkie_nvd
Published
2015-06-26 10:59
Modified
2024-11-21 02:30
Severity ?
Summary
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/75417 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032725 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1032726 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75417 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032725 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032726 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_security_management_virtual_appliance | 8.4.0.0150 | |
| cisco | content_security_management_virtual_appliance | 9.0.0.087 | |
| cisco | email_security_virtual_appliance | 8.0.0 | |
| cisco | email_security_virtual_appliance | 8.5.6 | |
| cisco | email_security_virtual_appliance | 8.5.7 | |
| cisco | email_security_virtual_appliance | 9.0.0 | |
| cisco | web_security_virtual_appliance | 7.7.5 | |
| cisco | web_security_virtual_appliance | 8.0.5 | |
| cisco | web_security_virtual_appliance | 8.5.0 | |
| cisco | web_security_virtual_appliance | 8.5.1 | |
| cisco | web_security_virtual_appliance | 8.6.0 | |
| cisco | web_security_virtual_appliance | 8.7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*",
"matchCriteriaId": "A7CC2842-66AE-4738-BF49-F491B4E1EF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*",
"matchCriteriaId": "FE947E42-6952-49E4-9674-5C8E0900E3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A560D3EA-57DF-48A9-B7A1-957C226C625B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F44102CA-6BE5-42AD-910B-3A0BA911FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7E609D-0414-40AD-BD7D-D708C3B36986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C699F035-7418-4344-8FDE-7C180176186D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB49075-4E5C-46F2-8436-0A7BA7161972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "048F0725-C1B9-4D21-B7FE-2E81E72CFBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7837ACC-B42E-4099-BF9F-87523637C91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "715190B6-9EBD-42DB-98B7-3FD410536F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E063B3C2-53CE-4732-8482-6A4B8EF0D02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "675388FE-6B3D-4C90-BFB4-B997DDF47AB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
},
{
"lang": "es",
"value": "La caracter\u00edstica de soporte remoto en los dispositivos Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), y Security Management Virtual Appliance (SMAv) anterior a 2015-06-25 utiliza la misma clave autorizada de root SSH por defecto en las instalaciones de clientes diferentes, lo que facilita a atacantes remotos evadir la autenticaci\u00f3n mediante el aprovechamiento de conocimiento de una clave privada de otra instalaci\u00f3n, tambi\u00e9n conocido como Bug IDs CSCuu95988, CSCuu95994, y CSCuu96630."
}
],
"id": "CVE-2015-4216",
"lastModified": "2024-11-21T02:30:39.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-26T10:59:03.327",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75417"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032726"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-25 19:29
Modified
2024-11-21 03:30
Severity ?
Summary
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/99918 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038956 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99918 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038956 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_appliance | 10.0.0-232 | |
| cisco | web_security_appliance | 10.0.0-233 | |
| cisco | web_security_appliance | 10.0_base | |
| cisco | web_security_appliance | 10.1.0 | |
| cisco | web_security_appliance | 10.1.0-204 | |
| cisco | web_security_appliance | 10.1.1-230 | |
| cisco | web_security_appliance | 10.5.0 | |
| cisco | web_security_appliance | 10.5.0-358 | |
| cisco | web_security_appliance | 11.0.0 | |
| cisco | web_security_appliance | 11.0.0-613 | |
| cisco | web_security_virtual_appliance | 10.0.0 | |
| cisco | web_security_virtual_appliance | 10.0_base | |
| cisco | web_security_virtual_appliance | 10.1.0 | |
| cisco | web_security_virtual_appliance | 10.1.1 | |
| cisco | web_security_virtual_appliance | 10.1_base | |
| cisco | web_security_virtual_appliance | 10.5.1 | |
| cisco | web_security_virtual_appliance | 10.5_base | |
| cisco | web_security_virtual_appliance | 11.0.0 | |
| cisco | web_security_virtual_appliance | 11.0_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-232:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4BDE8C-6D41-4BCF-8BB3-9256E2AD09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-233:*:*:*:*:*:*:*",
"matchCriteriaId": "5C84C8F0-4722-4385-B3CD-86E05F3D72BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "79B251F2-C0EF-41A5-9318-CAB6FF8D7D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6845F048-06E0-4F5D-A2BD-A8D856530D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
"matchCriteriaId": "AC71F9F5-B0BA-4415-A4C8-9D0B15732A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-230:*:*:*:*:*:*:*",
"matchCriteriaId": "F89E6946-5451-4A35-BD48-BA260B7928F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F68D77CC-8FA7-436C-9799-EB691D145C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0-358:*:*:*:*:*:*:*",
"matchCriteriaId": "96C185A6-D4DE-4EA0-952D-714CCCAF2B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9EA61C-3D1D-463A-802A-0073183CE39C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:11.0.0-613:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8BB0F9-F14B-4EA5-B24E-FED0B8C1B264",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69528D17-2EA4-4CF5-B2D4-26B185C66ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "F260BF88-C6C4-41B7-BDE7-EC1CF4EFB74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BED59A8D-41E6-448E-AEEF-91400742CC0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF6B908-B1A0-48FC-A481-CA2AF9738BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "F432D2A9-AF00-4578-B1DC-171876CE1C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD97A391-7E07-46EC-85D6-C17D1EB753A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5_base:*:*:*:*:*:*:*",
"matchCriteriaId": "679B5A90-ED85-4086-916B-664FF2DD9EB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A5FAE893-BD18-481B-A65D-D2F235571836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:11.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "599D1619-F27A-4205-972C-3B4B9578C2E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el analizador de la CLI de Web Security Appliance (WSA) de Cisco, podr\u00eda permitir a un atacante local autenticado realizar la inyecci\u00f3n de comandos y elevar los privilegios a root. El atacante necesita autenticarse con credenciales v\u00e1lidas de nivel de operador o de administrador. Productos afectados: versiones virtuales y de hardware de Web Security Appliance (WSA) de Cisco. M\u00e1s informaci\u00f3n: CSCvd88855. Versiones afectadas conocidas: 10.1.0-204. Versiones fijas conocidas: 10.5.1-270 10.1.1-234."
}
],
"id": "CVE-2017-6748",
"lastModified": "2024-11-21T03:30:26.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-25T19:29:00.270",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99918"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038956"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-25 19:29
Modified
2024-11-21 03:30
Severity ?
Summary
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/99967 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038959 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99967 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038959 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_appliance | 9.0.0-162 | |
| cisco | web_security_appliance | 9.0.0-193 | |
| cisco | web_security_appliance | 9.0.0-485 | |
| cisco | web_security_appliance | 10.0.0-232 | |
| cisco | web_security_appliance | 10.0.0-233 | |
| cisco | web_security_appliance | 10.1.0-204 | |
| cisco | web_security_virtual_appliance | 9.0.0 | |
| cisco | web_security_virtual_appliance | 10.0.0 | |
| cisco | web_security_virtual_appliance | 10.1.0 | |
| cisco | web_security_virtual_appliance | 10.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.0.0-162:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BF001A-7ADB-4976-8A50-0EFC53FB6AEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD5471D-6A95-4BF2-9ECB-3F7AE74BCE57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.0.0-485:*:*:*:*:*:*:*",
"matchCriteriaId": "72CE42EB-F7F1-4F68-BFCF-B452A2C0AC13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-232:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4BDE8C-6D41-4BCF-8BB3-9256E2AD09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-233:*:*:*:*:*:*:*",
"matchCriteriaId": "5C84C8F0-4722-4385-B3CD-86E05F3D72BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
"matchCriteriaId": "AC71F9F5-B0BA-4415-A4C8-9D0B15732A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0CAE1AB3-224F-473D-8E41-DF641CFBF864",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69528D17-2EA4-4CF5-B2D4-26B185C66ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BED59A8D-41E6-448E-AEEF-91400742CC0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF6B908-B1A0-48FC-A481-CA2AF9738BE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad proxy web de Cisco Web Security Appearance (WSA) podr\u00eda permitir que un atacante remoto no autenticado redirija tr\u00e1fico de la interfaz proxy web de un dispositivo afectado a una interfaz de administraci\u00f3n de un dispositivo afectado. Esta vulnerabilidad tambi\u00e9n se conoce como \"Access Control Bypass Vulnerability\". Productos afectados: versiones de hardware y virtuales de Cisco Web Security Appliance (WSA). M\u00e1s informaci\u00f3n: CSCvd88863. Versiones afectadas conocidas: 10.1.0-204 9.0.0-485."
}
],
"id": "CVE-2017-6751",
"lastModified": "2024-11-21T03:30:26.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-25T19:29:00.363",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99967"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038959"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-14 01:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40896 | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/76687 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1033530 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40896 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76687 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033530 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_virtual_appliance | 8.0.5 | |
| cisco | web_security_virtual_appliance | 8.0.6 | |
| cisco | web_security_virtual_appliance | 8.0.7 | |
| cisco | web_security_virtual_appliance | 8.0_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "048F0725-C1B9-4D21-B7FE-2E81E72CFBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D59F3A-75BC-4AFF-A0A5-4A8E10F1F322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF30535-A238-4878-A91A-9CA8EC88AE17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "EE906D51-5AB2-42D0-B33C-0119C151A9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426."
},
{
"lang": "es",
"value": "Vulnerabilidad en Cisco Web Security Appliance (WSA) 8.0.7, permite a servidores HTTP remotos causar una denegaci\u00f3n de servicio (consumo de memoria desde conexiones TCP caducadas) a trav\u00e9s de respuestas manipuladas, tambi\u00e9n conocida como Bug ID CSCuw10426."
}
],
"id": "CVE-2015-6290",
"lastModified": "2024-11-21T02:34:42.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-14T01:59:07.717",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40896"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76687"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033530"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-25 19:29
Modified
2024-11-21 03:30
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/99875 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038957 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99875 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038957 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_appliance | 10.0.0-232 | |
| cisco | web_security_appliance | 10.0.0-233 | |
| cisco | web_security_appliance | 10.0_base | |
| cisco | web_security_appliance | 10.1.0 | |
| cisco | web_security_appliance | 10.1.0-204 | |
| cisco | web_security_appliance | 10.1.1-230 | |
| cisco | web_security_appliance | 10.1.1-234 | |
| cisco | web_security_appliance | 10.1.1-235 | |
| cisco | web_security_appliance | 10.5.0 | |
| cisco | web_security_appliance | 10.5.0-358 | |
| cisco | web_security_appliance | 10.5.1-270 | |
| cisco | web_security_virtual_appliance | 10.0.0 | |
| cisco | web_security_virtual_appliance | 10.0_base | |
| cisco | web_security_virtual_appliance | 10.1.0 | |
| cisco | web_security_virtual_appliance | 10.1.1 | |
| cisco | web_security_virtual_appliance | 10.1_base | |
| cisco | web_security_virtual_appliance | 10.5.1 | |
| cisco | web_security_virtual_appliance | 10.5_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-232:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4BDE8C-6D41-4BCF-8BB3-9256E2AD09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-233:*:*:*:*:*:*:*",
"matchCriteriaId": "5C84C8F0-4722-4385-B3CD-86E05F3D72BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "79B251F2-C0EF-41A5-9318-CAB6FF8D7D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6845F048-06E0-4F5D-A2BD-A8D856530D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
"matchCriteriaId": "AC71F9F5-B0BA-4415-A4C8-9D0B15732A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-230:*:*:*:*:*:*:*",
"matchCriteriaId": "F89E6946-5451-4A35-BD48-BA260B7928F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-234:*:*:*:*:*:*:*",
"matchCriteriaId": "F88C4824-EAE3-4636-92BE-1ADF944B1EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-235:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA9660A-C242-4080-9B38-A819A3BBCF70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F68D77CC-8FA7-436C-9799-EB691D145C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0-358:*:*:*:*:*:*:*",
"matchCriteriaId": "96C185A6-D4DE-4EA0-952D-714CCCAF2B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.1-270:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2F79DB-DA5F-47E1-9FE1-EF9114004BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69528D17-2EA4-4CF5-B2D4-26B185C66ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "F260BF88-C6C4-41B7-BDE7-EC1CF4EFB74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BED59A8D-41E6-448E-AEEF-91400742CC0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF6B908-B1A0-48FC-A481-CA2AF9738BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "F432D2A9-AF00-4578-B1DC-171876CE1C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD97A391-7E07-46EC-85D6-C17D1EB753A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5_base:*:*:*:*:*:*:*",
"matchCriteriaId": "679B5A90-ED85-4086-916B-664FF2DD9EB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Web Security Appliance (WSA) de Cisco, podr\u00eda permitir a un atacante remoto autenticado conducir un ataque de tipo cross-site scripting (XSS) almacenado contra un usuario de la interfaz de administraci\u00f3n basada en web de un dispositivo afectado . Productos afectados: versiones virtuales y de hardware de Web Security Appliance (WSA) de Cisco. M\u00e1s informaci\u00f3n: CSCvd88865. Versiones afectadas conocidas: 10.1.0-204."
}
],
"id": "CVE-2017-6749",
"lastModified": "2024-11-21T03:30:26.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-25T19:29:00.300",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99875"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038957"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-06-26 10:59
Modified
2024-11-21 02:30
Severity ?
Summary
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | content_security_management_virtual_appliance | 8.4.0.0150 | |
| cisco | content_security_management_virtual_appliance | 9.0.0.087 | |
| cisco | email_security_virtual_appliance | 8.0.0 | |
| cisco | email_security_virtual_appliance | 8.5.6 | |
| cisco | email_security_virtual_appliance | 8.5.7 | |
| cisco | email_security_virtual_appliance | 9.0.0 | |
| cisco | web_security_virtual_appliance | 7.7.5 | |
| cisco | web_security_virtual_appliance | 8.0.5 | |
| cisco | web_security_virtual_appliance | 8.5.0 | |
| cisco | web_security_virtual_appliance | 8.5.1 | |
| cisco | web_security_virtual_appliance | 8.6.0 | |
| cisco | web_security_virtual_appliance | 8.7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:8.4.0.0150:*:*:*:*:*:*:*",
"matchCriteriaId": "A7CC2842-66AE-4738-BF49-F491B4E1EF7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:content_security_management_virtual_appliance:9.0.0.087:*:*:*:*:*:*:*",
"matchCriteriaId": "FE947E42-6952-49E4-9674-5C8E0900E3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A560D3EA-57DF-48A9-B7A1-957C226C625B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F44102CA-6BE5-42AD-910B-3A0BA911FB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:8.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7C7E609D-0414-40AD-BD7D-D708C3B36986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:email_security_virtual_appliance:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C699F035-7418-4344-8FDE-7C180176186D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "ABB49075-4E5C-46F2-8436-0A7BA7161972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "048F0725-C1B9-4D21-B7FE-2E81E72CFBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C7837ACC-B42E-4099-BF9F-87523637C91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "715190B6-9EBD-42DB-98B7-3FD410536F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E063B3C2-53CE-4732-8482-6A4B8EF0D02E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "675388FE-6B3D-4C90-BFB4-B997DDF47AB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers\u0027 installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601."
},
{
"lang": "es",
"value": "La caracter\u00edstica de soporte remoto en los dispositivos Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), y Security Management Virtual Appliance (SMAv) anterior a 2015-06-25 utilice las mismas claves de anfitri\u00f3n SSH por defecto en las instalaciones de clientes diferentes, lo que facilita a atacantes remotos superar los mecanismos de protecci\u00f3n criptogr\u00e1fica mediante el aprovechamiento del conocimiento de una clave privada de otra instalaci\u00f3n, tambi\u00e9n conocido como Bug IDs CSCus29681, CSCuu95676, y CSCuu96601."
}
],
"id": "CVE-2015-4217",
"lastModified": "2024-11-21T02:30:39.247",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-26T10:59:04.343",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39461"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75418"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/75418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1032726"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-20 20:15
Modified
2024-11-21 05:43
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_virtual_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "040AA33F-3211-4DDD-B3B1-51A861327239",
"versionEndExcluding": "12.5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco AsyncOS para Cisco Web Security Appliance (WSA), podr\u00eda permitir a un atacante remoto autenticado conducir un ataque de tipo cross-site scripting (XSS) almacenado contra un usuario de la interfaz de un dispositivo afectado. La vulnerabilidad se presenta porque la interfaz de administraci\u00f3n basada en web no comprueba apropiadamente la entrada suministrada por el usuario. Un atacante podr\u00eda explotar esta vulnerabilidad insertando datos maliciosos en un campo de datos espec\u00edfico en una interfaz afectada. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada"
}
],
"id": "CVE-2021-1271",
"lastModified": "2024-11-21T05:43:58.540",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-20T20:15:15.783",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@cisco.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-09-14 01:59
Modified
2024-11-21 02:34
Severity ?
Summary
Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=40846 | Vendor Advisory | |
| psirt@cisco.com | http://www.securityfocus.com/bid/76677 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1033529 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=40846 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/76677 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1033529 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_virtual_appliance | 8.0.5 | |
| cisco | web_security_virtual_appliance | 8.0.6 | |
| cisco | web_security_virtual_appliance | 8.0_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "048F0725-C1B9-4D21-B7FE-2E81E72CFBD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D59F3A-75BC-4AFF-A0A5-4A8E10F1F322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:8.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "EE906D51-5AB2-42D0-B33C-0119C151A9B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907."
},
{
"lang": "es",
"value": "Vulnerabilidad en Cisco Web Security Appliance (WSA) 8.0.6-078 y 8.0.6-115, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del servicio) a trav\u00e9s de una inundaci\u00f3n de tr\u00e1fico TCP lo que conduce a retrasos de resoluci\u00f3n DNS, tambi\u00e9n conocida como Bug IDs CSCur32005 y CSCur07907."
}
],
"id": "CVE-2015-6287",
"lastModified": "2024-11-21T02:34:42.373",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-14T01:59:05.433",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40846"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76677"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/76677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033529"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-04-02 03:58
Modified
2024-11-21 02:05
Severity ?
Summary
CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_virtual_appliance | * | |
| cisco | web_security_virtual_appliance | 7.1.0 | |
| cisco | web_security_virtual_appliance | 7.1.1 | |
| cisco | web_security_virtual_appliance | 7.1.2 | |
| cisco | web_security_virtual_appliance | 7.1.3 | |
| cisco | web_security_virtual_appliance | 7.1.4 | |
| cisco | web_security_virtual_appliance | 7.5.0 | |
| cisco | web_security_virtual_appliance | 7.5.1 | |
| cisco | web_security_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99467E7E-895E-42CE-941B-FE1F8FA3BA17",
"versionEndIncluding": "7.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "17B0FCCE-AF5D-4C9C-A9C2-5E23525272B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "819E916C-91BA-4513-9E5E-DD372A0F8C76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "16C7A627-9623-4B75-B5A9-81DEA6E9A5A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2C1C73C6-B1F1-4003-8875-900CC1F140D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "632BAAED-20A3-469A-AB17-9D473512CC28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E50CAD90-9D02-43D3-BA99-53131B42CDAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:7.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C03DC0BF-1B1C-4EC3-8642-3C256E2DE84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F24CCD0-DFAB-44D9-B29A-A6D925A83C93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en el framework web en Cisco Web Security Appliance (WSA) 7.7 y anteriores permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y realizar ataques de redirecci\u00f3n a trav\u00e9s de una URL manipulada, tambi\u00e9n conocido como Bug ID CSCuj61002."
}
],
"id": "CVE-2014-2137",
"lastModified": "2024-11-21T02:05:43.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-04-02T03:58:17.123",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-25 19:29
Modified
2024-11-21 03:30
Severity ?
Summary
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCve06124. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@cisco.com | http://www.securityfocus.com/bid/99924 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | http://www.securitytracker.com/id/1038958 | Third Party Advisory, VDB Entry | |
| psirt@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99924 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038958 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | web_security_appliance | 10.0.0-232 | |
| cisco | web_security_appliance | 10.0.0-233 | |
| cisco | web_security_appliance | 10.0_base | |
| cisco | web_security_appliance | 10.1.0 | |
| cisco | web_security_appliance | 10.1.0-204 | |
| cisco | web_security_appliance | 10.1.1-230 | |
| cisco | web_security_appliance | 10.1.1-234 | |
| cisco | web_security_appliance | 10.1.1-235 | |
| cisco | web_security_appliance | 10.5.0 | |
| cisco | web_security_appliance | 10.5.0-358 | |
| cisco | web_security_virtual_appliance | 10.0.0 | |
| cisco | web_security_virtual_appliance | 10.0_base | |
| cisco | web_security_virtual_appliance | 10.1.0 | |
| cisco | web_security_virtual_appliance | 10.1.1 | |
| cisco | web_security_virtual_appliance | 10.1_base | |
| cisco | web_security_virtual_appliance | 10.5.1 | |
| cisco | web_security_virtual_appliance | 10.5_base |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-232:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4BDE8C-6D41-4BCF-8BB3-9256E2AD09E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0.0-233:*:*:*:*:*:*:*",
"matchCriteriaId": "5C84C8F0-4722-4385-B3CD-86E05F3D72BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "79B251F2-C0EF-41A5-9318-CAB6FF8D7D5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6845F048-06E0-4F5D-A2BD-A8D856530D15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.0-204:*:*:*:*:*:*:*",
"matchCriteriaId": "AC71F9F5-B0BA-4415-A4C8-9D0B15732A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-230:*:*:*:*:*:*:*",
"matchCriteriaId": "F89E6946-5451-4A35-BD48-BA260B7928F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-234:*:*:*:*:*:*:*",
"matchCriteriaId": "F88C4824-EAE3-4636-92BE-1ADF944B1EAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.1.1-235:*:*:*:*:*:*:*",
"matchCriteriaId": "4BA9660A-C242-4080-9B38-A819A3BBCF70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F68D77CC-8FA7-436C-9799-EB691D145C3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.0-358:*:*:*:*:*:*:*",
"matchCriteriaId": "96C185A6-D4DE-4EA0-952D-714CCCAF2B00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69528D17-2EA4-4CF5-B2D4-26B185C66ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.0_base:*:*:*:*:*:*:*",
"matchCriteriaId": "F260BF88-C6C4-41B7-BDE7-EC1CF4EFB74F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BED59A8D-41E6-448E-AEEF-91400742CC0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF6B908-B1A0-48FC-A481-CA2AF9738BE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.1_base:*:*:*:*:*:*:*",
"matchCriteriaId": "F432D2A9-AF00-4578-B1DC-171876CE1C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD97A391-7E07-46EC-85D6-C17D1EB753A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:web_security_virtual_appliance:10.5_base:*:*:*:*:*:*:*",
"matchCriteriaId": "679B5A90-ED85-4086-916B-664FF2DD9EB7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCve06124. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270."
},
{
"lang": "es",
"value": "Una vulnerabilidad en AsyncOS para Web Security Appliance (WSA) de Cisco, podr\u00eda permitir a un atacante local no autenticado iniciar sesi\u00f3n en el dispositivo con los privilegios de un usuario limitado o un atacante remoto no autenticado para autenticarse en ciertas \u00e1reas de la GUI basada en web, tambi\u00e9n se conoce como Vulnerabilidad de Credenciales Est\u00e1ticas. Productos afectados: versiones virtuales y de hardware de Web Security Appliance (WSA) de Cisco. M\u00e1s informaci\u00f3n: CSCve06124. Versiones afectadas conocidas: 10.1.0-204. Versiones fijas conocidas: 10.5.1-270."
}
],
"id": "CVE-2017-6750",
"lastModified": "2024-11-21T03:30:26.727",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-25T19:29:00.333",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99924"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038958"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99924"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2017-6748
Vulnerability from cvelistv5
Published
2017-07-25 19:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038956 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99918 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Web Security Appliance |
Version: Cisco Web Security Appliance |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038956",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038956"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
},
{
"name": "99918",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99918"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Web Security Appliance",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Web Security Appliance"
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection and Privilege Escalation Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1038956",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038956"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
},
{
"name": "99918",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99918"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6748",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Web Security Appliance",
"version": {
"version_data": [
{
"version_value": "Cisco Web Security Appliance"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88855. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270 10.1.1-234."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection and Privilege Escalation Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038956",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038956"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa2"
},
{
"name": "99918",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99918"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6748",
"datePublished": "2017-07-25T19:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.140Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6290
Vulnerability from cvelistv5
Published
2015-09-14 01:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40896 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1033530 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/76687 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.296Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150909 Cisco Web Security Appliance Malformed HTTP Response Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40896"
},
{
"name": "1033530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033530"
},
{
"name": "76687",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76687"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150909 Cisco Web Security Appliance Malformed HTTP Response Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40896"
},
{
"name": "1033530",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033530"
},
{
"name": "76687",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76687"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150909 Cisco Web Security Appliance Malformed HTTP Response Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40896"
},
{
"name": "1033530",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033530"
},
{
"name": "76687",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76687"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6290",
"datePublished": "2015-09-14T01:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.296Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6751
Vulnerability from cvelistv5
Published
2017-07-25 19:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99967 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038959 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Web Security Appliance |
Version: Cisco Web Security Appliance |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99967",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99967"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5"
},
{
"name": "1038959",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038959"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Web Security Appliance",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Web Security Appliance"
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Access Control Bypass Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99967",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99967"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5"
},
{
"name": "1038959",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038959"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6751",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Web Security Appliance",
"version": {
"version_data": [
{
"version_value": "Cisco Web Security Appliance"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Access Control Bypass Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99967",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99967"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa5"
},
{
"name": "1038959",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038959"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6751",
"datePublished": "2017-07-25T19:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.674Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6749
Vulnerability from cvelistv5
Published
2017-07-25 19:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038957 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/99875 | vdb-entry, x_refsource_BID |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Web Security Appliance |
Version: Cisco Web Security Appliance |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.092Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1038957",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038957"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3"
},
{
"name": "99875",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99875"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Web Security Appliance",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Web Security Appliance"
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored Cross-Site Scripting Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1038957",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038957"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3"
},
{
"name": "99875",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99875"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6749",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Web Security Appliance",
"version": {
"version_data": [
{
"version_value": "Cisco Web Security Appliance"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88865. Known Affected Releases: 10.1.0-204."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored Cross-Site Scripting Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1038957",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038957"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa3"
},
{
"name": "99875",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99875"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6749",
"datePublished": "2017-07-25T19:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4217
Vulnerability from cvelistv5
Published
2015-06-26 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032725 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=39461 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032726 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75418 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:11.355Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"name": "1032725",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"name": "20150625 Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39461"
},
{
"name": "1032726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032726"
},
{
"name": "75418",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75418"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers\u0027 installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"name": "1032725",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"name": "20150625 Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39461"
},
{
"name": "1032726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032726"
},
{
"name": "75418",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75418"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH host keys across different customers\u0027 installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a private key from another installation, aka Bug IDs CSCus29681, CSCuu95676, and CSCuu96601."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"name": "1032725",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032725"
},
{
"name": "20150625 Cisco Virtual WSA, ESA, and SMA Default SSH Host Keys Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39461"
},
{
"name": "1032726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032726"
},
{
"name": "75418",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75418"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4217",
"datePublished": "2015-06-26T10:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:11.355Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1271
Vulnerability from cvelistv5
Published
2021-01-20 19:57
Modified
2024-11-12 20:23
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Web Security Appliance (WSA) |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:02:56.397Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20210120 Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-08T20:52:17.697299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:23:57.954Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Web Security Appliance (WSA)",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-20T19:57:02",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20210120 Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL"
}
],
"source": {
"advisory": "cisco-sa-wsa-xss-RuB5WGqL",
"defect": [
[
"CSCvu22019",
"CSCvv27761"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-01-20T16:00:00",
"ID": "CVE-2021-1271",
"STATE": "PUBLIC",
"TITLE": "Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Web Security Appliance (WSA)",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20210120 Cisco Web Security Appliance Stored Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-xss-RuB5WGqL"
}
]
},
"source": {
"advisory": "cisco-sa-wsa-xss-RuB5WGqL",
"defect": [
[
"CSCvu22019",
"CSCvv27761"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1271",
"datePublished": "2021-01-20T19:57:02.721609Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-12T20:23:57.954Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-6750
Vulnerability from cvelistv5
Published
2017-07-25 19:00
Modified
2024-08-05 15:41
Severity ?
EPSS score ?
Summary
A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCve06124. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/99924 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1038958 | vdb-entry, x_refsource_SECTRACK |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco Web Security Appliance |
Version: Cisco Web Security Appliance |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T15:41:17.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "99924",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99924"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4"
},
{
"name": "1038958",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038958"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Web Security Appliance",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Web Security Appliance"
}
]
}
],
"datePublic": "2017-07-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCve06124. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Static Credentials Vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-26T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "99924",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99924"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4"
},
{
"name": "1038958",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038958"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-6750",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Web Security Appliance",
"version": {
"version_data": [
{
"version_value": "Cisco Web Security Appliance"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the device with the privileges of a limited user or an unauthenticated, remote attacker to authenticate to certain areas of the web GUI, aka a Static Credentials Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCve06124. Known Affected Releases: 10.1.0-204. Known Fixed Releases: 10.5.1-270."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Static Credentials Vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "99924",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99924"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170719-wsa4"
},
{
"name": "1038958",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038958"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-6750",
"datePublished": "2017-07-25T19:00:00",
"dateReserved": "2017-03-09T00:00:00",
"dateUpdated": "2024-08-05T15:41:17.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-4216
Vulnerability from cvelistv5
Published
2015-06-26 10:00
Modified
2024-08-06 06:11
Severity ?
EPSS score ?
Summary
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1032725 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id/1032726 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/75417 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:11:11.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"name": "1032725",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"name": "1032726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032726"
},
{
"name": "75417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75417"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"name": "1032725",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032725"
},
{
"name": "1032726",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032726"
},
{
"name": "75417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75417"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-4216",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the same default SSH root authorized key across different customers\u0027 installations, which makes it easier for remote attackers to bypass authentication by leveraging knowledge of a private key from another installation, aka Bug IDs CSCuu95988, CSCuu95994, and CSCuu96630."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150625 Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport"
},
{
"name": "1032725",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032725"
},
{
"name": "1032726",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032726"
},
{
"name": "75417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75417"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-4216",
"datePublished": "2015-06-26T10:00:00",
"dateReserved": "2015-06-04T00:00:00",
"dateUpdated": "2024-08-06T06:11:11.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-6287
Vulnerability from cvelistv5
Published
2015-09-14 01:00
Modified
2024-08-06 07:15
Severity ?
EPSS score ?
Summary
Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1033529 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=40846 | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/76677 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T07:15:13.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1033529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1033529"
},
{
"name": "20150909 Cisco Web Security Appliance DNS Resolution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40846"
},
{
"name": "76677",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/76677"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-09-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-20T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1033529",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1033529"
},
{
"name": "20150909 Cisco Web Security Appliance DNS Resolution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40846"
},
{
"name": "76677",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/76677"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-6287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1033529",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033529"
},
{
"name": "20150909 Cisco Web Security Appliance DNS Resolution Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40846"
},
{
"name": "76677",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/76677"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-6287",
"datePublished": "2015-09-14T01:00:00",
"dateReserved": "2015-08-17T00:00:00",
"dateUpdated": "2024-08-06T07:15:13.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2137
Vulnerability from cvelistv5
Published
2014-04-02 01:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=33608 | x_refsource_CONFIRM | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608"
},
{
"name": "20140401 Cisco WSA HTTP Header Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-04-02T01:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608"
},
{
"name": "20140401 Cisco WSA HTTP Header Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2137",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=33608"
},
{
"name": "20140401 Cisco WSA HTTP Header Injection Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2137",
"datePublished": "2014-04-02T01:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}