CVE-2016-1383 - Vulnerability Details

Vendors	Products
Cisco	Web Security Appliance Web Security Appliance \(wsa\)

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4
http://www.securitytracker.com/id/1035911

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-05-18T00:00:00", "descriptions": [{"lang": "en", "value": "Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-29T16:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20160518 Cisco Web Security Appliance Connection Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4"}, {"name": "1035911", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035911"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1383", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20160518 Cisco Web Security Appliance Connection Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4"}, {"name": "1035911", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035911"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:55:14.220Z"}, "title": "CVE Program Container", "references": [{"name": "20160518 Cisco Web Security Appliance Connection Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4"}, {"name": "1035911", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035911"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1383", "datePublished": "2016-05-25T01:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2024-08-05T22:55:14.220Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-05-18T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-11-29T16:57:01 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 20160518 Cisco Web Security Appliance Connection Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 (string)

}

1 : { »

name : 1035911 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1035911 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2016-1383 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 20160518 Cisco Web Security Appliance Connection Denial of Service Vulnerability (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 (string)

}

1 : { »

name : 1035911 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1035911 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T22:55:14.220Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 20160518 Cisco Web Security Appliance Connection Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 (string)

}

1 : { »

name : 1035911 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1035911 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2016-1383 (string)

datePublished : 2016-05-25T01:00:00 (string)

dateReserved : 2016-01-04T00:00:00 (string)

dateUpdated : 2024-08-05T22:55:14.220Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F24CCD0-DFAB-44D9-B29A-A6D925A83C93", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):5.6.0-623:*:*:*:*:*:*:*", "matchCriteriaId": "28647FC3-A6F5-476D-B75C-B93573350420", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):6.0.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "D3732507-B22B-4410-B93B-A30E157F51C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "261EB727-C409-4839-AA11-60192D8D08E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "71A96AB4-38C2-477F-9C57-3263DA739F63", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "48EDA671-1858-4112-9F92-F621F553F7C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "D98BC2CA-0019-4884-88CA-86CFDA96E332", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "E5BA0694-C26D-4CC1-A372-3ABDC2B2A03B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "080702CA-6D92-4054-87A7-61F821C8B327", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.0-825:*:*:*:*:*:*:*", "matchCriteriaId": "A051A86E-6FF5-44E1-85E6-CB818B58CBBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.1-000:*:*:*:*:*:*:*", "matchCriteriaId": "77326395-9F74-43ED-9CA2-C142EB6219E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.5.2-000:*:*:*:*:*:*:*", "matchCriteriaId": "4CBCCB5E-0AB7-42E9-9264-C8EF27E0FA88", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.7.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "3D80DDAB-272F-4B57-8D5F-B12A11E5FC35", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):7.7.1-000:*:*:*:*:*:*:*", "matchCriteriaId": "847838A1-0305-435B-A4A0-CC476F9B0DB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "5FA9F218-A9AB-4711-9AD0-7A99D9D23168", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DC4A2EAF-AF87-489F-B69E-7604CC176752", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "6449A831-C0D0-4C43-B1A4-715F560FCABB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.6-078:*:*:*:*:*:*:*", "matchCriteriaId": "386D87AD-5552-4103-B1B3-079604746F67", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.6-119:*:*:*:*:*:*:*", "matchCriteriaId": "29B00067-7DFC-426C-94B8-24A48647E03D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "9D535C0B-1CBE-4F9E-BA90-31E0496EE354", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.7-142:*:*:*:*:*:*:*", "matchCriteriaId": "33FBBCA4-0526-47FA-A35A-212347A7A188", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.0.8-mr-113:*:*:*:*:*:*:*", "matchCriteriaId": "7B7C1E4C-21B8-433D-829F-6A84B22ED29D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.0-497:*:*:*:*:*:*:*", "matchCriteriaId": "8E837FF6-2B3C-4AEF-A29C-841A2B332668", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.0.000:*:*:*:*:*:*:*", "matchCriteriaId": "6688EAFC-A3F5-4BC0-991B-BD8C158A2CE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.1-021:*:*:*:*:*:*:*", "matchCriteriaId": "253E1900-D6E2-448A-9AE4-8D276912281B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.2-024:*:*:*:*:*:*:*", "matchCriteriaId": "E6644686-C51E-4367-9518-46013F6B3A5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.2-027:*:*:*:*:*:*:*", "matchCriteriaId": "6461E708-07E4-487C-B07D-1E9EAE72478E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance_\\(wsa\\):8.5.3-055:*:*:*:*:*:*:*", "matchCriteriaId": "3394552B-CDD0-4F52-A80F-76AF7235E681", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305."}, {"lang": "es", "value": "Fuga de memoria en Cisco AsyncOS hasta la versi\u00f3n 8.8 en dispositivos Web Security Appliance (WSA) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de un c\u00f3digo de estado HTTP no especificado, tambi\u00e9n conocida como Bug ID CSCur28305."}], "id": "CVE-2016-1383", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-05-25T01:59:07.177", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1035911"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035911"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 8F24CCD0-DFAB-44D9-B29A-A6D925A83C93 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):5.6.0-623:*:*:*:*:*:*:* (string)

matchCriteriaId : 28647FC3-A6F5-476D-B75C-B93573350420 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):6.0.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : D3732507-B22B-4410-B93B-A30E157F51C3 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 261EB727-C409-4839-AA11-60192D8D08E6 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 71A96AB4-38C2-477F-9C57-3263DA739F63 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 48EDA671-1858-4112-9F92-F621F553F7C9 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : D98BC2CA-0019-4884-88CA-86CFDA96E332 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : E5BA0694-C26D-4CC1-A372-3ABDC2B2A03B (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.5.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 080702CA-6D92-4054-87A7-61F821C8B327 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.5.0-825:*:*:*:*:*:*:* (string)

matchCriteriaId : A051A86E-6FF5-44E1-85E6-CB818B58CBBC (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.5.1-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 77326395-9F74-43ED-9CA2-C142EB6219E0 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.5.2-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 4CBCCB5E-0AB7-42E9-9264-C8EF27E0FA88 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.7.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 3D80DDAB-272F-4B57-8D5F-B12A11E5FC35 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):7.7.1-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 847838A1-0305-435B-A4A0-CC476F9B0DB5 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 5FA9F218-A9AB-4711-9AD0-7A99D9D23168 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : DC4A2EAF-AF87-489F-B69E-7604CC176752 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 6449A831-C0D0-4C43-B1A4-715F560FCABB (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.6-078:*:*:*:*:*:*:* (string)

matchCriteriaId : 386D87AD-5552-4103-B1B3-079604746F67 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.6-119:*:*:*:*:*:*:* (string)

matchCriteriaId : 29B00067-7DFC-426C-94B8-24A48647E03D (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D535C0B-1CBE-4F9E-BA90-31E0496EE354 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.7-142:*:*:*:*:*:*:* (string)

matchCriteriaId : 33FBBCA4-0526-47FA-A35A-212347A7A188 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.0.8-mr-113:*:*:*:*:*:*:* (string)

matchCriteriaId : 7B7C1E4C-21B8-433D-829F-6A84B22ED29D (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.5.0-497:*:*:*:*:*:*:* (string)

matchCriteriaId : 8E837FF6-2B3C-4AEF-A29C-841A2B332668 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.5.0.000:*:*:*:*:*:*:* (string)

matchCriteriaId : 6688EAFC-A3F5-4BC0-991B-BD8C158A2CE0 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.5.1-021:*:*:*:*:*:*:* (string)

matchCriteriaId : 253E1900-D6E2-448A-9AE4-8D276912281B (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.5.2-024:*:*:*:*:*:*:* (string)

matchCriteriaId : E6644686-C51E-4367-9518-46013F6B3A5F (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.5.2-027:*:*:*:*:*:*:* (string)

matchCriteriaId : 6461E708-07E4-487C-B07D-1E9EAE72478E (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance_\(wsa\):8.5.3-055:*:*:*:*:*:*:* (string)

matchCriteriaId : 3394552B-CDD0-4F52-A80F-76AF7235E681 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Memory leak in Cisco AsyncOS through 8.8 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an unspecified HTTP status code, aka Bug ID CSCur28305. (string)

}

1 : { »

lang : es (string)

value : Fuga de memoria en Cisco AsyncOS hasta la versión 8.8 en dispositivos Web Security Appliance (WSA) permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) a través de un código de estado HTTP no especificado, también conocida como Bug ID CSCur28305. (string)

}

]

id : CVE-2016-1383 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : true (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.8 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 6.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-05-25T01:59:07.177 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 (string)

}

1 : { »

source : psirt@cisco.com (string)

url : http://www.securitytracker.com/id/1035911 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa4 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1035911 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-399 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object