← Back

CVE-2016-6437

nvd nist
Published: Oct 27, 2016Modified: May 6, 2026

JSON object

Loading...
5.9
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.2 / Impact: 3.6
Source: NVD

Description

A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).

Affected (13)

Cisco
1 product
Wide Area Application Services
Configuration A
13 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Wide Area Application Services
Version 5.3.1
Wide Area Application Services
Version 5.3.3
Wide Area Application Services
Version 5.3.5
Wide Area Application Services
Version 5.3.5a
Wide Area Application Services
Version 5.3.5b
Wide Area Application Services
Version 5.3.5c
Wide Area Application Services
Version 5.3.5d
Wide Area Application Services
Version 5.3.5e
Wide Area Application Services
Version 5.3.5f
Wide Area Application Services
Version 6.1.0
Wide Area Application Services
Version 6.1.1
Wide Area Application Services
Version 6.2.1
Wide Area Application Services
Version 6.2.1a

Related CWEs

CWE-399
CWE-399

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.