What is CVE-2021-1566?

CVE-2021-1566 is a high-severity vulnerability in Cisco Web Security Appliance (Wsa), classified under Improper Following of a Certificate's Chain of Trust. CVSS score: 7.4/10. Published 2021-06-16.

How severe is CVE-2021-1566?

High severity. CVSS v3 base score is 7.4 out of 10.

Vulnerability in Cisco Web Security Appliance (Wsa)

CVE-2021-1566

A vulnerability in the Cisco Advanced Malware Protection (AMP) for Endpoints integration of Cisco AsyncOS for Cisco Email Security Appliance (ESA) and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to in…

EPSS: 0.001 (31.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.4 (High). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N.

Affected products

Cisco Web Security Appliance (Wsa) — versions n/a

Weakness classification (CWE)

CWE-296 — Improper Following of a Certificate's Chain of Trust

References

20210616 Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability (vendor-advisory, x_refsource_CISCO)

Frequently asked questions

What is CVE-2021-1566?: CVE-2021-1566 is a high-severity vulnerability in Cisco Web Security Appliance (Wsa), classified under Improper Following of a Certificate's Chain of Trust. CVSS score: 7.4/10. Published 2021-06-16.
How severe is CVE-2021-1566?: High severity. CVSS v3 base score is 7.4 out of 10.