Guest

Preview Tool

Cisco Bug: CSCup62085 - DNS 503 Errors when WSA is under heavy load

Last Modified

Feb 09, 2017

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

8.0.5-075 8.0.6-053

Description (partial)

Symptom:
A vulnerability in Domain Name System (DNS) resolution in the Cisco Web Security Appliance (WSA) could allow an
unauthenticated, remote attacker to cause a partial denial of service (DoS) condition.

The vulnerability is due to timing consideration when processing DNS requests when under heavy system load. 
An attacker could exploit this vulnerability by sending HTTP traffic to the device which will require DNS resolution. 
An exploit could allow the attacker to cause a partial DoS condition on the affected device.

Conditions:
Default Configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.