A vulnerability in the Decrypt for End-User Notification configuration parameter of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to connect to a secure website over Secure Sockets Layer (SSL) or Transport Layer Security (TLS), even if the WSA is configured to block connections to the website. Affected Products: This vulnerability affects Cisco Web Security Appliances if the HTTPS decryption options are enabled and configured for the device to block connections to certain websites. More Information: CSCvb49012. Known Affected Releases: 9.0.1-162 9.1.1-074.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2016-12-14T00:37:00
Updated: 2024-08-06T02:42:11.232Z
Reserved: 2016-11-06T00:00:00
Link: CVE-2016-9212
Vulnrichment
No data.
NVD
Status : Modified
Published: 2016-12-14T00:59:34.303
Modified: 2024-11-21T03:00:48.577
Link: CVE-2016-9212
Redhat
No data.