CVE-2015-6293
Last modified
CVE-2015-6293 is a vulnerability of currently unknown severity. Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple file-range requests, aka Bug ID CSCur39155.. EPSS estimates a 1.93% chance of exploitation in the next 30 days.
Description
Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via multiple file-range requests, aka Bug ID CSCur39155.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Web Security Appliance | 8.0.0-000 |
| Cisco | Web Security Appliance | 8.0.5 |
| Cisco | Web Security Appliance | 8.0.6 |
| Cisco | Web Security Appliance | 8.0.6-078 |
| Cisco | Web Security Appliance | 8.0.7-142 |
| Cisco | Web Security Appliance | 8.0.8-mr-113 |
| Cisco | Web Security Appliance | 8.5.0-497 |
| Cisco | Web Security Appliance | 8.5.0.000 |
| Cisco | Web Security Appliance | 8.5.2-024 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2015-6293?
How severe is CVE-2015-6293?
How do I fix CVE-2015-6293?
Are you affected by CVE-2015-6293?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST