CVE-2016-1440

Published on: 07/02/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Certain versions of Web Security Appliance from Cisco contain the following vulnerability:

The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468.

  • CVE-2016-1440 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 5.3 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE LOW

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE PARTIAL

CVE References

Description Tags Link
Cisco Web Security Appliance FTP Pass-Through Bug Lets Remote Users Consume Excessive CPU Resources on the Target System - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1036188
Cisco Web Security Appliance Native FTP Denial of Service Vulnerability Vendor Advisory
tools.cisco.com
text/html
URL Logo CISCO 20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationCiscoWeb Security Appliance5.6.0-623AllAllAll
ApplicationCiscoWeb Security Appliance6.0.0-000AllAllAll
ApplicationCiscoWeb Security Appliance7.1.0AllAllAll
ApplicationCiscoWeb Security Appliance7.1.1AllAllAll
ApplicationCiscoWeb Security Appliance7.1.2AllAllAll
ApplicationCiscoWeb Security Appliance7.1.3AllAllAll
ApplicationCiscoWeb Security Appliance7.1.4AllAllAll
ApplicationCiscoWeb Security Appliance7.5.0-000AllAllAll
ApplicationCiscoWeb Security Appliance7.5.0-825AllAllAll
ApplicationCiscoWeb Security Appliance7.5.1-000AllAllAll
ApplicationCiscoWeb Security Appliance7.5.2-000AllAllAll
ApplicationCiscoWeb Security Appliance7.5.2-hp2-303AllAllAll
ApplicationCiscoWeb Security Appliance7.7.0-000AllAllAll
ApplicationCiscoWeb Security Appliance7.7.0-608AllAllAll
ApplicationCiscoWeb Security Appliance7.7.1-000AllAllAll
ApplicationCiscoWeb Security Appliance7.7.5-835AllAllAll
ApplicationCiscoWeb Security Appliance8.0.0-000AllAllAll
ApplicationCiscoWeb Security Appliance8.0.5AllAllAll
ApplicationCiscoWeb Security Appliance8.0.5_hp1AllAllAll
ApplicationCiscoWeb Security Appliance8.0.6AllAllAll
ApplicationCiscoWeb Security Appliance8.0.6-078AllAllAll
ApplicationCiscoWeb Security Appliance8.0.6-119AllAllAll
ApplicationCiscoWeb Security Appliance8.0.7AllAllAll
ApplicationCiscoWeb Security Appliance8.0.7-142AllAllAll
ApplicationCiscoWeb Security Appliance8.0.8-mr-113AllAllAll
ApplicationCiscoWeb Security Appliance8.5.0-497AllAllAll
ApplicationCiscoWeb Security Appliance8.5.0.000AllAllAll
ApplicationCiscoWeb Security Appliance8.5.1-021AllAllAll
ApplicationCiscoWeb Security Appliance8.5.2-024AllAllAll
ApplicationCiscoWeb Security Appliance8.5.2-027AllAllAll
ApplicationCiscoWeb Security Appliance8.5.3-055AllAllAll
ApplicationCiscoWeb Security Appliance8.8.0-000AllAllAll
ApplicationCiscoWeb Security Appliance8.8.0-085AllAllAll
ApplicationCiscoWeb Security Appliance9.0.0-193AllAllAll
ApplicationCiscoWeb Security Appliance9.0_baseAllAllAll
ApplicationCiscoWeb Security Appliance9.1.0-000AllAllAll
ApplicationCiscoWeb Security Appliance9.1.0-070AllAllAll
ApplicationCiscoWeb Security Appliance5.6.0-623AllAllAll
ApplicationCiscoWeb Security Appliance6.0.0-000AllAllAll
ApplicationCiscoWeb Security Appliance7.1.0AllAllAll
ApplicationCiscoWeb Security Appliance7.1.1AllAllAll
ApplicationCiscoWeb Security Appliance7.1.2AllAllAll
ApplicationCiscoWeb Security Appliance7.1.3AllAllAll
ApplicationCiscoWeb Security Appliance7.1.4AllAllAll
ApplicationCiscoWeb Security Appliance7.5.0-000AllAllAll
ApplicationCiscoWeb Security Appliance7.5.0-825AllAllAll
ApplicationCiscoWeb Security Appliance7.5.1-000AllAllAll
ApplicationCiscoWeb Security Appliance7.5.2-000AllAllAll
ApplicationCiscoWeb Security Appliance7.5.2-hp2-303AllAllAll
ApplicationCiscoWeb Security Appliance7.7.0-000AllAllAll
ApplicationCiscoWeb Security Appliance7.7.0-608AllAllAll
ApplicationCiscoWeb Security Appliance7.7.1-000AllAllAll
ApplicationCiscoWeb Security Appliance7.7.5-835AllAllAll
ApplicationCiscoWeb Security Appliance8.0.0-000AllAllAll
ApplicationCiscoWeb Security Appliance8.0.5AllAllAll
ApplicationCiscoWeb Security Appliance8.0.5_hp1AllAllAll
ApplicationCiscoWeb Security Appliance8.0.6AllAllAll
ApplicationCiscoWeb Security Appliance8.0.6-078AllAllAll
ApplicationCiscoWeb Security Appliance8.0.6-119AllAllAll
ApplicationCiscoWeb Security Appliance8.0.7AllAllAll
ApplicationCiscoWeb Security Appliance8.0.7-142AllAllAll
ApplicationCiscoWeb Security Appliance8.0.8-mr-113AllAllAll
ApplicationCiscoWeb Security Appliance8.5.0-497AllAllAll
ApplicationCiscoWeb Security Appliance8.5.0.000AllAllAll
ApplicationCiscoWeb Security Appliance8.5.1-021AllAllAll
ApplicationCiscoWeb Security Appliance8.5.2-024AllAllAll
ApplicationCiscoWeb Security Appliance8.5.2-027AllAllAll
ApplicationCiscoWeb Security Appliance8.5.3-055AllAllAll
ApplicationCiscoWeb Security Appliance8.8.0-000AllAllAll
ApplicationCiscoWeb Security Appliance8.8.0-085AllAllAll
ApplicationCiscoWeb Security Appliance9.0.0-193AllAllAll
ApplicationCiscoWeb Security Appliance9.0_baseAllAllAll
ApplicationCiscoWeb Security Appliance9.1.0-000AllAllAll
ApplicationCiscoWeb Security Appliance9.1.0-070AllAllAll
  • cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.2-hp2-303:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.0-608:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.5-835:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.5_hp1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.6-078:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.6-119:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.7-142:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.8-mr-113:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.2-024:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.2-027:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.3-055:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.8.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.0_base:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.1.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.1.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.5.2-hp2-303:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.0-608:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:7.7.5-835:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.5_hp1:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.6-078:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.6-119:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.7-142:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.0.8-mr-113:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.2-024:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.2-027:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.5.3-055:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.8.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.0_base:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.1.0-000:*:*:*:*:*:*:*:
  • cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*: