CVE-2016-1440

First published: Sat Jul 02 2016(Updated: )

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Web Security Appliance	=5.6.0-623
Cisco Web Security Appliance	=6.0.0-000
Cisco Web Security Appliance	=7.1.0
Cisco Web Security Appliance	=7.1.1
Cisco Web Security Appliance	=7.1.2
Cisco Web Security Appliance	=7.1.3
Cisco Web Security Appliance	=7.1.4
Cisco Web Security Appliance	=7.5.0-000
Cisco Web Security Appliance	=7.5.0-825
Cisco Web Security Appliance	=7.5.1-000
Cisco Web Security Appliance	=7.5.2-000
Cisco Web Security Appliance	=7.5.2-hp2-303
Cisco Web Security Appliance	=7.7.0-000
Cisco Web Security Appliance	=7.7.0-608
Cisco Web Security Appliance	=7.7.1-000
Cisco Web Security Appliance	=7.7.5-835
Cisco Web Security Appliance	=8.0.0-000
Cisco Web Security Appliance	=8.0.5
Cisco Web Security Appliance	=8.0.5_hp1
Cisco Web Security Appliance	=8.0.6
Cisco Web Security Appliance	=8.0.6-078
Cisco Web Security Appliance	=8.0.6-119
Cisco Web Security Appliance	=8.0.7
Cisco Web Security Appliance	=8.0.7-142
Cisco Web Security Appliance	=8.0.8-mr-113
Cisco Web Security Appliance	=8.5.0-497
Cisco Web Security Appliance	=8.5.0.000
Cisco Web Security Appliance	=8.5.1-021
Cisco Web Security Appliance	=8.5.2-024
Cisco Web Security Appliance	=8.5.2-027
Cisco Web Security Appliance	=8.5.3-055
Cisco Web Security Appliance	=8.8.0-000
Cisco Web Security Appliance	=8.8.0-085
Cisco Web Security Appliance	=9.0.0-193
Cisco Web Security Appliance	=9.0_base
Cisco Web Security Appliance	=9.1.0-000
Cisco Web Security Appliance	=9.1.0-070

Never miss a vulnerability like this again

Reference Links

collector/nvd-index
agent/references
agent/weakness
agent/severity
agent/author
agent/type
agent/description
agent/event
agent/tags
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/cisco
canonical/cisco web security appliance
version/cisco web security appliance/5.6.0-623
version/cisco web security appliance/6.0.0-000
version/cisco web security appliance/7.1.0
version/cisco web security appliance/7.1.1
version/cisco web security appliance/7.1.2
version/cisco web security appliance/7.1.3
version/cisco web security appliance/7.1.4
version/cisco web security appliance/7.5.0-000
version/cisco web security appliance/7.5.0-825
version/cisco web security appliance/7.5.1-000
version/cisco web security appliance/7.5.2-000
version/cisco web security appliance/7.5.2-hp2-303
version/cisco web security appliance/7.7.0-000
version/cisco web security appliance/7.7.0-608
version/cisco web security appliance/7.7.1-000
version/cisco web security appliance/7.7.5-835
version/cisco web security appliance/8.0.0-000
version/cisco web security appliance/8.0.5
version/cisco web security appliance/8.0.5_hp1
version/cisco web security appliance/8.0.6
version/cisco web security appliance/8.0.6-078
version/cisco web security appliance/8.0.6-119
version/cisco web security appliance/8.0.7
version/cisco web security appliance/8.0.7-142
version/cisco web security appliance/8.0.8-mr-113
version/cisco web security appliance/8.5.0-497
version/cisco web security appliance/8.5.0.000
version/cisco web security appliance/8.5.1-021
version/cisco web security appliance/8.5.2-024
version/cisco web security appliance/8.5.2-027
version/cisco web security appliance/8.5.3-055
version/cisco web security appliance/8.8.0-000
version/cisco web security appliance/8.8.0-085
version/cisco web security appliance/9.0.0-193
version/cisco web security appliance/9.0_base
version/cisco web security appliance/9.1.0-000
version/cisco web security appliance/9.1.0-070

CVE-2016-1440

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact