CVE-2015-6290

Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.

Published: Sep 14, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-6290
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
cisco / web_security_virtual_appliance	8.0.7	8.0.7.x
cisco / web_security_virtual_appliance	8.0.6	8.0.6.x
cisco / web_security_virtual_appliance	8.0_base	8.0_base.x
cisco / web_security_virtual_appliance	8.0.5	8.0.5.x

http://tools.cisco.com/security/center/viewAlert.x?alertId=40896
http://www.securityfocus.com/bid/76687
http://www.securitytracker.com/id/1033530

Vulnerability Database

289,782

CVE-2015-6290