CVE-2015-6298

The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted certificate-generation arguments, aka Bug ID CSCus83445.

Severity	HIGH
CVSS	9.0
CWE	CWE-78
KEV
Published	10 years ago
Modified	1 week ago

Related Products

Product	Advisory
Cisco Web Security Appliance (WSA)	cisco-sa-20151104-wsa
Cisco Secure Web Appliance	cisco-sa-20151104-wsa