Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Web_security_appliance
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 63 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-04-02 | CVE-2014-2137 | CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002. | Web_security_appliance, Web_security_virtual_appliance | N/A | ||
| 2013-10-24 | CVE-2013-5537 | The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management GUI outage) via multiple TCP connections, aka Bug IDs CSCuj59411, CSCuf89818, and CSCuh05635. | Content_security_management_appliance, Email_security_appliance_firmware, Web_security_appliance | N/A | ||
| 2013-07-02 | CVE-2013-3395 | Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634. | Content_security_management_appliance, Email_security_appliance_firmware, Web_security_appliance | N/A |