Guest

Preview Tool

Cisco Bug: CSCuo02589 - SMA HTTP Header Validation

Last Modified

Jan 26, 2017

Products (1)

  • Cisco Content Security Management Appliance

Known Affected Releases

8.2.0-000 8.3.5-063

Description (partial)

Symptom:
Nessus scanner may flag SMA as vulnerable to ''Infinite Request attack''.
Cisco has analyzed this issue and, while the product is resilient to the attack, so no crash or performance hit are noticed, it is still
accepting and processing the crafted HTTP request.

This bug is open to make sure the product implement better sanitation techniques.

Conditions:
none
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.