What is CVE-2019-15956?

CVE-2019-15956 is a high-severity vulnerability in Cisco Web Security Appliance (Wsa), classified under Improper Access Control. CVSS score: 8.8/10. Published 2019-11-26.

How severe is CVE-2019-15956?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Cisco Web Security Appliance (Wsa)

CVE-2019-15956

A vulnerability in the web management interface of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to perform an unauthorized system reset on an affected device. The vulnerability…

EPSS: 0.002 (40.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cisco Web Security Appliance (Wsa) — versions unspecified

Weakness classification (CWE)

CWE-284 — Improper Access Control

References

20191106 Cisco Web Security Appliance Unauthorized Device Reset Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2019-15956?: CVE-2019-15956 is a high-severity vulnerability in Cisco Web Security Appliance (Wsa), classified under Improper Access Control. CVSS score: 8.8/10. Published 2019-11-26.
How severe is CVE-2019-15956?: High severity. CVSS v3 base score is 8.8 out of 10.