Vulnerability in Cisco Web_security_virtual_appliance

CVE-2015-6287

Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka Bug IDs CSCur32005 and CSCur07907.

EPSS: 0.007 (73.0th percentile) — read the EPSS interpretation.

Affected products

Cisco Web_security_virtual_appliance — versions 8.0.5, 8.0.6, 8.0_base
N/a — versions n/a

Weakness classification (CWE)

CWE-399

References

1033529 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
20150909 Cisco Web Security Appliance DNS Resolution Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
76677 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)