CVE-2016-1383

Published: May 25, 2016Modified: May 6, 2026

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305.

Affected (27)

Products: Cisco: Web Security Appliance (wsa)

Cisco

1 product

Web Security Appliance (wsa)

Configuration A

27 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Cisco Web Security Appliance (wsa)	Version 5.6.0-623
Cisco Web Security Appliance (wsa)	Version 6.0.0-000
Cisco Web Security Appliance (wsa)	Version 7.1.0
Cisco Web Security Appliance (wsa)	Version 7.1.1
Cisco Web Security Appliance (wsa)	Version 7.1.2
Cisco Web Security Appliance (wsa)	Version 7.1.3
Cisco Web Security Appliance (wsa)	Version 7.1.4
Cisco Web Security Appliance (wsa)	Version 7.5.0-000
Cisco Web Security Appliance (wsa)	Version 7.5.0-825
Cisco Web Security Appliance (wsa)	Version 7.5.1-000
Cisco Web Security Appliance (wsa)	Version 7.5.2-000
Cisco Web Security Appliance (wsa)	Version 7.7.0-000
Cisco Web Security Appliance (wsa)	Version 7.7.1-000
Cisco Web Security Appliance (wsa)	Version 8.0.0-000
Cisco Web Security Appliance (wsa)	Version 8.0.5
Cisco Web Security Appliance (wsa)	Version 8.0.6-078
Cisco Web Security Appliance (wsa)	Version 8.0.6-119
Cisco Web Security Appliance (wsa)	Version 8.0.6
Cisco Web Security Appliance (wsa)	Version 8.0.7-142
Cisco Web Security Appliance (wsa)	Version 8.0.7
Cisco Web Security Appliance (wsa)	Version 8.0.8-mr-113
Cisco Web Security Appliance (wsa)	Version 8.5.0-497
Cisco Web Security Appliance (wsa)	Version 8.5.0.000
Cisco Web Security Appliance (wsa)	Version 8.5.1-021
Cisco Web Security Appliance (wsa)	Version 8.5.2-024
Cisco Web Security Appliance (wsa)	Version 8.5.2-027
Cisco Web Security Appliance (wsa)	Version 8.5.3-055

Running on/with	Platform Versions
Cisco Web Security Appliance	All versions

Related CWEs

CWE-399

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1035911

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1035911

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.