What is the severity of CVE-2016-1382?

CVE-2016-1382 has been classified as a denial of service vulnerability.

How can I mitigate CVE-2016-1382?

To fix CVE-2016-1382, update your Cisco Web Security Appliance to version 8.5.3-069 or later.

Which Cisco Web Security Appliance versions are affected by CVE-2016-1382?

Versions prior to 8.5.3-069 and those from 8.6 to 8.8 are affected by CVE-2016-1382.

What type of attack does CVE-2016-1382 enable?

CVE-2016-1382 allows remote attackers to cause a denial of service via specially crafted HTTP requests.

What is the impact of CVE-2016-1382 on affected devices?

The impact of CVE-2016-1382 includes the potential for proxy-process reload leading to service disruption.

Vulnerability/
CVE-2016-1382

high

7.8

CWE

25/5/2016

5/8/2024

CVE-2016-1382: Input Validation

First published: Wed May 25 2016(Updated: )

Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Web Security Appliance
Cisco Web Security Appliance S390	=5.6.0-623
Cisco Web Security Appliance S390	=6.0.0-000
Cisco Web Security Appliance S390	=7.1.0
Cisco Web Security Appliance S390	=7.1.1
Cisco Web Security Appliance S390	=7.1.2
Cisco Web Security Appliance S390	=7.1.3
Cisco Web Security Appliance S390	=7.1.4
Cisco Web Security Appliance S390	=7.5.0-000
Cisco Web Security Appliance S390	=7.5.0-825
Cisco Web Security Appliance S390	=7.5.1-000
Cisco Web Security Appliance S390	=7.5.2-000
Cisco Web Security Appliance S390	=7.7.0-000
Cisco Web Security Appliance S390	=7.7.1-000
Cisco Web Security Appliance S390	=8.0.0-000
Cisco Web Security Appliance S390	=8.0.5
Cisco Web Security Appliance S390	=8.0.6
Cisco Web Security Appliance S390	=8.0.6-078
Cisco Web Security Appliance S390	=8.0.6-119
Cisco Web Security Appliance S390	=8.0.7
Cisco Web Security Appliance S390	=8.0.7-142
Cisco Web Security Appliance S390	=8.0.8-mr-113
Cisco Web Security Appliance S390	=8.5.0-497
Cisco Web Security Appliance S390	=8.5.0.000
Cisco Web Security Appliance S390	=8.5.1-021
Cisco Web Security Appliance S390	=8.5.2-024
Cisco Web Security Appliance S390	=8.5.2-027
Cisco Web Security Appliance S390	=8.5.3-055

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-1382?
CVE-2016-1382 has been classified as a denial of service vulnerability.
How can I mitigate CVE-2016-1382?
To fix CVE-2016-1382, update your Cisco Web Security Appliance to version 8.5.3-069 or later.
Which Cisco Web Security Appliance versions are affected by CVE-2016-1382?
Versions prior to 8.5.3-069 and those from 8.6 to 8.8 are affected by CVE-2016-1382.
What type of attack does CVE-2016-1382 enable?
CVE-2016-1382 allows remote attackers to cause a denial of service via specially crafted HTTP requests.
What is the impact of CVE-2016-1382 on affected devices?
The impact of CVE-2016-1382 includes the potential for proxy-process reload leading to service disruption.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/weakness
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco web security appliance
canonical/cisco web security appliance s390
version/cisco web security appliance s390/5.6.0-623
version/cisco web security appliance s390/6.0.0-000
version/cisco web security appliance s390/7.1.0
version/cisco web security appliance s390/7.1.1
version/cisco web security appliance s390/7.1.2
version/cisco web security appliance s390/7.1.3
version/cisco web security appliance s390/7.1.4
version/cisco web security appliance s390/7.5.0-000
version/cisco web security appliance s390/7.5.0-825
version/cisco web security appliance s390/7.5.1-000
version/cisco web security appliance s390/7.5.2-000
version/cisco web security appliance s390/7.7.0-000
version/cisco web security appliance s390/7.7.1-000
version/cisco web security appliance s390/8.0.0-000
version/cisco web security appliance s390/8.0.5
version/cisco web security appliance s390/8.0.6
version/cisco web security appliance s390/8.0.6-078
version/cisco web security appliance s390/8.0.6-119
version/cisco web security appliance s390/8.0.7
version/cisco web security appliance s390/8.0.7-142
version/cisco web security appliance s390/8.0.8-mr-113
version/cisco web security appliance s390/8.5.0-497
version/cisco web security appliance s390/8.5.0.000
version/cisco web security appliance s390/8.5.1-021
version/cisco web security appliance s390/8.5.2-024
version/cisco web security appliance s390/8.5.2-027
version/cisco web security appliance s390/8.5.3-055