[Forgot Password]
Login  Register Subscribe

24437

 
 

131815

 
 

116370

 
 

909

 
 

90976

 
 

142

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2016-6437Date: (C)2016-10-28   (M)2018-02-19


A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 5.9CVSS Score : 7.1
Exploit Score: 2.2Exploit Score: 8.6
Impact Score: 3.6Impact Score: 6.9
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: NETWORKAccess Vector: NETWORK
Attack Complexity: HIGHAccess Complexity: MEDIUM
Privileges Required: NONEAuthentication: NONE
User Interaction: NONEConfidentiality: NONE
Scope: UNCHANGEDIntegrity: NONE
Confidentiality: NONEAvailability: COMPLETE
Integrity: NONE 
Availability: HIGH 
  
Reference:
SECTRACK-1037002
BID-93524
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas

CPE    13
cpe:/a:cisco:wide_area_application_services:5.3.5c
cpe:/a:cisco:wide_area_application_services:5.3.5a
cpe:/a:cisco:wide_area_application_services:5.3.5b
cpe:/a:cisco:wide_area_application_services:5.3.5
...
CWE    1
CWE-399

© SecPod Technologies