CVE-2019-15956: Cisco Web Security Appliance Unauthorized Device Reset Vulnerability
First published: Tue Nov 26 2019(Updated: )
A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability is due to improper authorization controls for a specific URL in the web management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could have a twofold impact: the attacker could either change the administrator password, gaining privileged access, or reset the network configuration details, causing a denial of service (DoS) condition. In both scenarios, manual intervention is required to restore normal operations.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco AsyncOS | >=10.1<10.1.5-004 | |
| Cisco AsyncOS | >=10.5<11.5.3-016 | |
| Cisco AsyncOS | >=11.7<11.7.1-006 | |
| Cisco Web Security Appliance | =10.5.2-072 | |
| Cisco Web Security Appliance | =11.5.1-fcs-125 | |
| Cisco Web Security Appliance | =11.7.0-fcs-418 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-15956?
CVE-2019-15956 is a vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) that allows an authenticated, remote attacker to perform an unauthorized system reset on an affected device.
How severe is CVE-2019-15956?
CVE-2019-15956 has a severity level of 8.8 (high).
How does CVE-2019-15956 affect Cisco AsyncOS Software?
CVE-2019-15956 affects Cisco AsyncOS Software versions 10.1 to 10.1.5-004, 10.5 to 11.5.3-016, and 11.7 to 11.7.1-006.
How does CVE-2019-15956 affect Cisco Web Security Appliance?
CVE-2019-15956 affects Cisco Web Security Appliance versions 10.5.2-072, 11.5.1-fcs-125, and 11.7.0-fcs-418.
How can I fix CVE-2019-15956?
To fix CVE-2019-15956, apply the necessary updates or patches provided by Cisco. For more information, refer to the Cisco Security Advisory linked in the references section.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/title
- agent/last-modified-date
- agent/author
- agent/references
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- vendor/cisco
- canonical/cisco asyncos
- version/cisco asyncos/10.1
- version/cisco asyncos/10.5
- version/cisco asyncos/11.7
- canonical/cisco web security appliance
- version/cisco web security appliance/10.5.2-072
- version/cisco web security appliance/11.5.1-fcs-125
- version/cisco web security appliance/11.7.0-fcs-418