CVE-2021-34698

Summary

CVE	CVE-2021-34698
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2021-10-06 20:15:00 UTC
Updated	2023-11-07 03:36:00 UTC
Description	A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.

Risk And Classification

Problem Types: CWE-401

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Cisco	Asyncos	All	All	All	All
Hardware	Cisco	Web Security Appliance S170	-	All	All	All
Hardware	Cisco	Web Security Appliance S190	-	All	All	All
Hardware	Cisco	Web Security Appliance S380	-	All	All	All
Hardware	Cisco	Web Security Appliance S390	-	All	All	All
Hardware	Cisco	Web Security Appliance S680	-	All	All	All
Hardware	Cisco	Web Security Appliance S690	-	All	All	All
Hardware	Cisco	Web Security Appliance S690x	-	All	All	All

References

Reference	Source	Link	Tags
Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability	CISCO	tools.cisco.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

317072 Cisco Web Security Appliance Proxy Service Denial of Service (DoS) Vulnerability (cisco-sa-wsa-dos-fmHdKswk)
317079 Cisco Web Security Appliance Proxy Service Denial of Service (DoS) Vulnerability (cisco-sa-wsa-dos-fmHdKswk)