CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34698

A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.5%

CVSS Severity

CVSS v3 Score 8.6

CVSS v2 Score 7.8

References

Products affected by CVE-2021-34698

Cisco » Web Security Appliance S170 » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s170:-
Cisco » Web Security Appliance S190 » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s190:-
Cisco » Web Security Appliance S380 » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s380:-
Cisco » Web Security Appliance S390 » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s390:-
Cisco » Web Security Appliance S680 » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s680:-
Cisco » Web Security Appliance S690 » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s690:-
Cisco » Web Security Appliance S690x » Version: N/A

cpe:2.3:h:cisco:web_security_appliance_s690x:-
Cisco » Asyncos » Version: 12.0

cpe:2.3:o:cisco:asyncos:12.0
Cisco » Asyncos » Version: 12.0.0

cpe:2.3:o:cisco:asyncos:12.0.0
Cisco » Asyncos » Version: 12.0.1-268

cpe:2.3:o:cisco:asyncos:12.0.1-268
Cisco » Asyncos » Version: 12.0.2

cpe:2.3:o:cisco:asyncos:12.0.2
Cisco » Asyncos » Version: 12.5

cpe:2.3:o:cisco:asyncos:12.5
Cisco » Asyncos » Version: 12.5.0

cpe:2.3:o:cisco:asyncos:12.5.0
Cisco » Asyncos » Version: 12.5.0-059

cpe:2.3:o:cisco:asyncos:12.5.0-059
Cisco » Asyncos » Version: 12.5.0-633

cpe:2.3:o:cisco:asyncos:12.5.0-633
Cisco » Asyncos » Version: 12.5.1-011

cpe:2.3:o:cisco:asyncos:12.5.1-011
Cisco » Asyncos » Version: 14.0

cpe:2.3:o:cisco:asyncos:14.0
Cisco » Asyncos » Version: 14.0.1

cpe:2.3:o:cisco:asyncos:14.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-34698

Products

Pricing

Contact Us