CVE-2016-1383

Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
ciscoweb_security_appliance_\(wsa\)
5.6.0-623
ciscoweb_security_appliance_\(wsa\)
6.0.0-000
ciscoweb_security_appliance_\(wsa\)
7.1.0
ciscoweb_security_appliance_\(wsa\)
7.1.1
ciscoweb_security_appliance_\(wsa\)
7.1.2
ciscoweb_security_appliance_\(wsa\)
7.1.3
ciscoweb_security_appliance_\(wsa\)
7.1.4
ciscoweb_security_appliance_\(wsa\)
7.5.0-000
ciscoweb_security_appliance_\(wsa\)
7.5.0-825
ciscoweb_security_appliance_\(wsa\)
7.5.1-000
ciscoweb_security_appliance_\(wsa\)
7.5.2-000
ciscoweb_security_appliance_\(wsa\)
7.7.0-000
ciscoweb_security_appliance_\(wsa\)
7.7.1-000
ciscoweb_security_appliance_\(wsa\)
8.0.0-000
ciscoweb_security_appliance_\(wsa\)
8.0.5
ciscoweb_security_appliance_\(wsa\)
8.0.6
ciscoweb_security_appliance_\(wsa\)
8.0.6-078
ciscoweb_security_appliance_\(wsa\)
8.0.6-119
ciscoweb_security_appliance_\(wsa\)
8.0.7
ciscoweb_security_appliance_\(wsa\)
8.0.7-142
ciscoweb_security_appliance_\(wsa\)
8.0.8-mr-113
ciscoweb_security_appliance_\(wsa\)
8.5.0-497
ciscoweb_security_appliance_\(wsa\)
8.5.0.000
ciscoweb_security_appliance_\(wsa\)
8.5.1-021
ciscoweb_security_appliance_\(wsa\)
8.5.2-024
ciscoweb_security_appliance_\(wsa\)
8.5.2-027
ciscoweb_security_appliance_\(wsa\)
8.5.3-055
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4
http://www.securitytracker.com/id/1035911
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4
http://www.securitytracker.com/id/1035911