CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-1288

The HTTPS Proxy feature in Cisco AsyncOS before 8.5.3-051 and 9.x before 9.0.0-485 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (service outage) by leveraging certain intranet connectivity and sending a malformed HTTPS request, aka Bug ID CSCuu24840.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.8%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa
http://www.securitytracker.com/id/1035163
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-wsa
http://www.securitytracker.com/id/1035163

Products affected by CVE-2016-1288

Cisco » Web Security Appliance » Version: 9.0.0-193

cpe:2.3:a:cisco:web_security_appliance:9.0.0-193
Cisco » Web Security Appliance » Version: 8.5.0-497

cpe:2.3:o:cisco:web_security_appliance:8.5.0-497

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-1288

Products

Pricing

Contact Us