Vulnslist

find the latest Cisco vulnerabilities

Cisco Web Security Appliance Range Request Denial of Service Vulnerability

cisco-sa-20151104-wsa2 · High · Published · Updated

A vulnerability in the file-range request functionality of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an appliance because the appliance runs out of system memory. The vulnerability is due to a failure to free memory when a file range is requested through the Cisco WSA. An attacker could exploit this vulnerability by opening multiple connections that request file ranges through the WSA. A successful exploit could allow the attacker to cause the WSA to stop passing traffic when enough memory is used and not freed. Cisco has released software updates that address this vulnerability. A workaround that mitigates this vulnerability is also available. This advisory is available at the following link:  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa2

Cisco advisory ·CSAF JSON

Workarounds

If the results of using the status detail command in the Cisco WSA CLI indicate an accumulation of TCP connections, as described in the "Indicators of Compromise" section, use the hidden diagnostic -> PROXY -> KICK command to restart the proxy process and reclaim memory.

CVEsCVE-2015-6293
Cisco Bug IDsCSCur39155, CSCuu29304
CVSS ScoreBase 7.8
Base 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
Product Names From Source
Cisco Web Security Appliance (WSA), Cisco Secure Web Appliance

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2015-6293 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2015-6293 Cisco OpenVuln
Cisco Web Security Appliance (WSA) CVE-2015-6293 Cisco OpenVuln
Cisco Secure Web Appliance CVE-2015-6293 Cisco OpenVuln