Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.106975 |
Category: | CISCO |
Title: | Cisco Web Security Appliance Administrative Interface Access Control Bypass Vulnerability |
Summary: | A vulnerability in the web proxy functionality of the Cisco Web Security;Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of;an affected device to the administrative management interface of an affected device. |
Description: | Summary: A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device. Vulnerability Insight: The vulnerability exists because the affected software fails to deny traffic that is forwarded from the web proxy interface to the administrative management interface of a device. An attacker could exploit this vulnerability by sending a crafted stream of HTTP or HTTPS traffic to the web proxy interface of an affected device. Vulnerability Impact: A successful exploit could allow traffic to reach the administrative management interface of the affected device although the traffic should have been dropped. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2017-6751 BugTraq ID: 99967 http://www.securityfocus.com/bid/99967 http://www.securitytracker.com/id/1038959 |
Copyright | Copyright (C) 2017 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |