Vulnslist

find the latest Cisco vulnerabilities

Cisco Web Security Appliance Decryption Policy Bypass Vulnerability

cisco-sa-20190206-wsa-bypass · Medium · Published · Updated

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2019-1672
Cisco Bug IDsCSCvm91630
CVSS ScoreBase 5.8
Base 5.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Web Security Appliance (WSA), Cisco Secure Web Appliance

Related Products

Product CVE Evidence
Cisco Web Security Appliance (WSA) CVE-2019-1672 Cisco OpenVuln
Cisco Secure Web Appliance CVE-2019-1672 Cisco OpenVuln