CVE-2016-1440

Published: Jul 2, 2016Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

Affected (37)

Products: Cisco: Web Security Appliance

Cisco

1 product

Web Security Appliance

Configuration A

37 vulnerable

Vulnerable Software	Affected Versions
Cisco Web Security Appliance	Version 5.6.0-623
Cisco Web Security Appliance	Version 6.0.0-000
Cisco Web Security Appliance	Version 7.1.0
Cisco Web Security Appliance	Version 7.1.1
Cisco Web Security Appliance	Version 7.1.2
Cisco Web Security Appliance	Version 7.1.3
Cisco Web Security Appliance	Version 7.1.4
Cisco Web Security Appliance	Version 7.5.0-000
Cisco Web Security Appliance	Version 7.5.0-825
Cisco Web Security Appliance	Version 7.5.1-000
Cisco Web Security Appliance	Version 7.5.2-000
Cisco Web Security Appliance	Version 7.5.2-hp2-303
Cisco Web Security Appliance	Version 7.7.0-000
Cisco Web Security Appliance	Version 7.7.0-608
Cisco Web Security Appliance	Version 7.7.1-000
Cisco Web Security Appliance	Version 7.7.5-835
Cisco Web Security Appliance	Version 8.0.0-000
Cisco Web Security Appliance	Version 8.0.5
Cisco Web Security Appliance	Version 8.0.5_hp1
Cisco Web Security Appliance	Version 8.0.6-078
Cisco Web Security Appliance	Version 8.0.6-119
Cisco Web Security Appliance	Version 8.0.6
Cisco Web Security Appliance	Version 8.0.7-142
Cisco Web Security Appliance	Version 8.0.7
Cisco Web Security Appliance	Version 8.0.8-mr-113
Cisco Web Security Appliance	Version 8.5.0-497
Cisco Web Security Appliance	Version 8.5.0.000
Cisco Web Security Appliance	Version 8.5.1-021
Cisco Web Security Appliance	Version 8.5.2-024
Cisco Web Security Appliance	Version 8.5.2-027
Cisco Web Security Appliance	Version 8.5.3-055
Cisco Web Security Appliance	Version 8.8.0-000
Cisco Web Security Appliance	Version 8.8.0-085
Cisco Web Security Appliance	Version 9.0.0-193
Cisco Web Security Appliance	Version 9.0_base
Cisco Web Security Appliance	Version 9.1.0-000
Cisco Web Security Appliance	Version 9.1.0-070

Related CWEs

CWE-399

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa

Source: psirt@cisco.com

Vendor Advisory

http://www.securitytracker.com/id/1036188

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id/1036188

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.