CVE-2016-1440 - Vulnerability Details

Vendors	Products
Cisco	Web Security Appliance

Link	Providers
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa
http://www.securitytracker.com/id/1036188

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-06-27T00:00:00", "descriptions": [{"lang": "en", "value": "The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-31T09:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "1036188", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036188"}, {"name": "20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2016-1440", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1036188", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036188"}, {"name": "20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:55:14.595Z"}, "title": "CVE Program Container", "references": [{"name": "1036188", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036188"}, {"name": "20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2016-1440", "datePublished": "2016-07-02T14:00:00", "dateReserved": "2016-01-04T00:00:00", "dateUpdated": "2024-08-05T22:55:14.595Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-06-27T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2017-08-31T09:57:01 (string)

orgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

shortName : cisco (string)

}

references : [ »

0 : { »

name : 1036188 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1036188 (string)

}

1 : { »

name : 20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@cisco.com (string)

ID : CVE-2016-1440 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 1036188 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1036188 (string)

}

1 : { »

name : 20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability (string)

refsource : CISCO (string)

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T22:55:14.595Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 1036188 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1036188 (string)

}

1 : { »

name : 20160627 Cisco Web Security Appliance Native FTP Denial of Service Vulnerability (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_CISCO (string)

2 : x_transferred (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : d1c1063e-7a18-46af-9102-31f8928bc633 (string)

assignerShortName : cisco (string)

cveId : CVE-2016-1440 (string)

datePublished : 2016-07-02T14:00:00 (string)

dateReserved : 2016-01-04T00:00:00 (string)

dateUpdated : 2024-08-05T22:55:14.595Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:*:*:*:*:*:*:*", "matchCriteriaId": "3463A482-F89B-4136-AEB3-EB20EA0160A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "B10586A4-2BB8-4193-927D-F1775797E4BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "115E5118-AB49-4CAF-9DA2-712AA6605C21", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "E320F3AC-9C05-409F-BB54-E3FB1BAAE063", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "900CE698-301B-4B56-B441-D925E924FE36", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "F148C6AE-7B86-4AED-AFE0-9D91A8142005", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "83910933-0B59-453C-B015-99D2CDE7DF3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "D3F89337-B550-4985-BA36-31695D1865C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:*:*:*:*:*:*:*", "matchCriteriaId": "2FC6B22F-CDA0-4EFA-A370-D00D0CD138DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:*:*:*:*:*:*:*", "matchCriteriaId": "0DFC3A10-C014-4B25-A4EF-96241DF06379", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:*:*:*:*:*:*:*", "matchCriteriaId": "7197CAB4-01ED-4502-89FA-DB5E3B0B6435", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.5.2-hp2-303:*:*:*:*:*:*:*", "matchCriteriaId": "2A4976F9-1C44-45C2-9C40-420376911113", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "9156B2AE-89FD-4702-A99F-32DE2E9C3A36", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.7.0-608:*:*:*:*:*:*:*", "matchCriteriaId": "64E907A2-C0C9-4288-BAA7-B36D112EE4CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:*:*:*:*:*:*:*", "matchCriteriaId": "085D1356-236E-4C35-8C82-7F9BA758C46C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:7.7.5-835:*:*:*:*:*:*:*", "matchCriteriaId": "A276AE73-EF2D-4D0F-83D6-02CCACFA373D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "33C867BF-2CD0-4058-9738-22C769B03D97", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "AFBF729F-2AD0-4291-AF41-184CCA230D28", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.5_hp1:*:*:*:*:*:*:*", "matchCriteriaId": "865FE706-EA2B-4170-B0CD-148EA310D051", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "9D8750D2-5250-43BE-AC50-981902C0CF5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.6-078:*:*:*:*:*:*:*", "matchCriteriaId": "A5A171CD-A1FB-44AE-B252-9916626AEEDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.6-119:*:*:*:*:*:*:*", "matchCriteriaId": "D6003553-A114-42E0-B817-D176F3A6112B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "892F3569-985A-43FD-8A65-440A528A29FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.7-142:*:*:*:*:*:*:*", "matchCriteriaId": "7514E1C3-42DC-4738-AF6C-3004FAC5BD6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.0.8-mr-113:*:*:*:*:*:*:*", "matchCriteriaId": "C62AB23C-9F58-403D-B0E7-8ED3F5A4FE1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:*", "matchCriteriaId": "3E9AF842-92F9-43A7-834A-0FFB3B619EDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:*", "matchCriteriaId": "27B25873-F2FA-4876-9222-362EDC3FB00A", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:*", "matchCriteriaId": "8C75625C-3C19-4449-B992-279325170CD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.2-024:*:*:*:*:*:*:*", "matchCriteriaId": "4954BDC0-0A4B-4EF7-BFD2-2FF6FAE2FCA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.2-027:*:*:*:*:*:*:*", "matchCriteriaId": "F4F98B8B-8B27-4253-B8EF-5782F57DB654", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.5.3-055:*:*:*:*:*:*:*", "matchCriteriaId": "729E3778-4BCA-46C6-AF3D-A2C10CDDB1F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.8.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "02CDB2C1-E72C-49A3-B96D-433A9F6A3716", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:*", "matchCriteriaId": "4F98FEDA-89EF-40BA-BBD3-3EBD6DD33EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:*", "matchCriteriaId": "5AD5471D-6A95-4BF2-9ECB-3F7AE74BCE57", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "04E5E7DC-1197-49BD-8D83-E69015F25622", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.0-000:*:*:*:*:*:*:*", "matchCriteriaId": "7703E48F-6AAE-42DF-91E4-7205E9A7AD1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:*", "matchCriteriaId": "8782B7BC-03C5-4866-9807-14EF9A818EB1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468."}, {"lang": "es", "value": "El proceso proxy en dispositivos Cisco Web Security Appliance (WSA) hasta la versi\u00f3n 9.1.0-070 permite a atacantes remotos causar una denegaci\u00f3n de servicios (consumo de CPU) estableciendo una sesi\u00f3n FTP y entonces terminando inapropiadamente el control de conexi\u00f3n despu\u00e9s de una transferencia de archivo, tambi\u00e9n conocido como Bug ID CSCuy43468."}], "id": "CVE-2016-1440", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-07-02T14:59:09.273", "references": [{"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id/1036188"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1036188"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:*:*:*:*:*:*:* (string)

matchCriteriaId : 3463A482-F89B-4136-AEB3-EB20EA0160A1 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : B10586A4-2BB8-4193-927D-F1775797E4BC (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.1.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 115E5118-AB49-4CAF-9DA2-712AA6605C21 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.1.1:*:*:*:*:*:*:* (string)

matchCriteriaId : E320F3AC-9C05-409F-BB54-E3FB1BAAE063 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.1.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 900CE698-301B-4B56-B441-D925E924FE36 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.1.3:*:*:*:*:*:*:* (string)

matchCriteriaId : F148C6AE-7B86-4AED-AFE0-9D91A8142005 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.1.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 83910933-0B59-453C-B015-99D2CDE7DF3F (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : D3F89337-B550-4985-BA36-31695D1865C7 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:*:*:*:*:*:*:* (string)

matchCriteriaId : 2FC6B22F-CDA0-4EFA-A370-D00D0CD138DD (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 0DFC3A10-C014-4B25-A4EF-96241DF06379 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 7197CAB4-01ED-4502-89FA-DB5E3B0B6435 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.5.2-hp2-303:*:*:*:*:*:*:* (string)

matchCriteriaId : 2A4976F9-1C44-45C2-9C40-420376911113 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 9156B2AE-89FD-4702-A99F-32DE2E9C3A36 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.7.0-608:*:*:*:*:*:*:* (string)

matchCriteriaId : 64E907A2-C0C9-4288-BAA7-B36D112EE4CA (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 085D1356-236E-4C35-8C82-7F9BA758C46C (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:7.7.5-835:*:*:*:*:*:*:* (string)

matchCriteriaId : A276AE73-EF2D-4D0F-83D6-02CCACFA373D (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 33C867BF-2CD0-4058-9738-22C769B03D97 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.5:*:*:*:*:*:*:* (string)

matchCriteriaId : AFBF729F-2AD0-4291-AF41-184CCA230D28 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.5_hp1:*:*:*:*:*:*:* (string)

matchCriteriaId : 865FE706-EA2B-4170-B0CD-148EA310D051 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 9D8750D2-5250-43BE-AC50-981902C0CF5C (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.6-078:*:*:*:*:*:*:* (string)

matchCriteriaId : A5A171CD-A1FB-44AE-B252-9916626AEEDD (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.6-119:*:*:*:*:*:*:* (string)

matchCriteriaId : D6003553-A114-42E0-B817-D176F3A6112B (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 892F3569-985A-43FD-8A65-440A528A29FD (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.7-142:*:*:*:*:*:*:* (string)

matchCriteriaId : 7514E1C3-42DC-4738-AF6C-3004FAC5BD6C (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.0.8-mr-113:*:*:*:*:*:*:* (string)

matchCriteriaId : C62AB23C-9F58-403D-B0E7-8ED3F5A4FE1B (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:* (string)

matchCriteriaId : 3E9AF842-92F9-43A7-834A-0FFB3B619EDA (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:* (string)

matchCriteriaId : 27B25873-F2FA-4876-9222-362EDC3FB00A (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:* (string)

matchCriteriaId : 8C75625C-3C19-4449-B992-279325170CD2 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.5.2-024:*:*:*:*:*:*:* (string)

matchCriteriaId : 4954BDC0-0A4B-4EF7-BFD2-2FF6FAE2FCA4 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.5.2-027:*:*:*:*:*:*:* (string)

matchCriteriaId : F4F98B8B-8B27-4253-B8EF-5782F57DB654 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.5.3-055:*:*:*:*:*:*:* (string)

matchCriteriaId : 729E3778-4BCA-46C6-AF3D-A2C10CDDB1F1 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.8.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 02CDB2C1-E72C-49A3-B96D-433A9F6A3716 (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:8.8.0-085:*:*:*:*:*:*:* (string)

matchCriteriaId : 4F98FEDA-89EF-40BA-BBD3-3EBD6DD33EE6 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:9.0.0-193:*:*:*:*:*:*:* (string)

matchCriteriaId : 5AD5471D-6A95-4BF2-9ECB-3F7AE74BCE57 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:9.0_base:*:*:*:*:*:*:* (string)

matchCriteriaId : 04E5E7DC-1197-49BD-8D83-E69015F25622 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:9.1.0-000:*:*:*:*:*:*:* (string)

matchCriteriaId : 7703E48F-6AAE-42DF-91E4-7205E9A7AD1D (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:a:cisco:web_security_appliance:9.1.0-070:*:*:*:*:*:*:* (string)

matchCriteriaId : 8782B7BC-03C5-4866-9807-14EF9A818EB1 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The proxy process on Cisco Web Security Appliance (WSA) devices through 9.1.0-070 allows remote attackers to cause a denial of service (CPU consumption) by establishing an FTP session and then improperly terminating the control connection after a file transfer, aka Bug ID CSCuy43468. (string)

}

1 : { »

lang : es (string)

value : El proceso proxy en dispositivos Cisco Web Security Appliance (WSA) hasta la versión 9.1.0-070 permite a atacantes remotos causar una denegación de servicios (consumo de CPU) estableciendo una sesión FTP y entonces terminando inapropiadamente el control de conexión después de una transferencia de archivo, también conocido como Bug ID CSCuy43468. (string)

}

]

id : CVE-2016-1440 (string)

lastModified : 2025-04-12T10:46:40.837 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 5 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : LOW (string)

baseScore : 5.3 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 1.4 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-07-02T14:59:09.273 (string)

references : [ »

0 : { »

source : psirt@cisco.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa (string)

}

1 : { »

source : psirt@cisco.com (string)

url : http://www.securitytracker.com/id/1036188 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160627-wsa (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1036188 (string)

}

]

sourceIdentifier : psirt@cisco.com (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-399 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object