Denial of Service Vulnerability in Cisco Web Security Appliance
CVE-2015-6290

Currently unrated

Key Information:

Vendor: Cisco
Status: Web Security Virtual Appliance
Vendor: CVE Published:; 14 September 2015

Summary

Cisco Web Security Appliance version 8.0.7 is subject to a denial of service vulnerability that can be exploited by remote HTTP servers. This exploitation occurs through crafted HTTP responses that lead to excessive memory consumption due to stale TCP connections, ultimately impacting the availability of services. Administrators should ensure their systems are updated to mitigate the risk associated with this vulnerability.

References

http://tools.cisco.com/security/center/viewAlert.x?alertI...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1033530

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/76687

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Sep 14, 2015
Vulnerability Reserved
Aug 17, 2015