Cisco Web Security Appliance Denial of Service Vulnerability (CVE-2015-6386)
Cisco Web Security Appliance Denial of Service Vulnerability (CVE-2015-6386)
Release date:
Updated on:
Affected Systems:
Cisco Web Security Appliance 8.5.1-021
Cisco Web Security Appliance 8.0.7-142
Description:
CVE (CAN) ID: CVE-2015-6386
Cisco Web Security Appliance is a secure Web gateway that integrates Malware Protection, visual application control, and policy control on a single platform.
For Cisco Web Security Appliance (WSA) devices (8.0.7-142 and 8.5.1-021), passthrough FTP has a Security vulnerability. After unauthenticated remote attackers start FTP connections through WSA, this vulnerability can cause high CPU utilization and DOS. This vulnerability is triggered when the FTP client interrupts the FTP control connection when data transfer is completed.
<* Source: Cisco
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-wsa
*>
Suggestion:
Vendor patch:
Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20151130-wsa) and patches for this:
Cisco-sa-20151130-wsa: Cisco Web Security Appliance Native FTP Denial of Service Vulnerability
Link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-wsa
This article permanently updates the link address: