Cisco Bug: CSCur32005 - Cisco Web Security Appliance (WSA) DNS Resolution Vulnerability

Last Modified

Feb 13, 2018

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

8.0.6-115

Description (partial)

Symptom:
A vulnerability in the Domain Name Service (DNS) resolution function of the Cisco Web Security
Appliance (WSA) could allow an unauthenticated, remote attacker to cause a partial denial
of service (DoS) condition due to DNS name resolution failing through the device.

The vulnerability is due to the handling of DNS requests awaiting a DNS response when new,
incoming DNS requests are received. An attacker could exploit this vulnerability by sending
TCP proxy traffic to the WSA at a high rate. An exploit could allow the attacker to cause a
partial DoS condition because DNS name resolution fails, which results in the client receiving
an HTTP 503 "Service Unavailable" error.

Conditions:
A device running an affected version of software with the default configuration.
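
A defender-side check for the symptom described above, as an added example (not Cisco code): it buckets proxy access-log entries into time windows and flags windows that combine high request volume with a high share of HTTP 503 responses. The Squid-style line layout, the thresholds and the sample addresses are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

def line(ts, client, status):
    # Constructed sample line; the Squid-style layout is an assumption:
    # epoch elapsed_ms client RESULT/status bytes method url
    return f"{ts:.3f} 15 {client} TCP_MISS/{status} 512 GET http://host.example/"

def build_sample():
    # Quiet window: a few successful requests plus one isolated 503.
    quiet = [line(1000 + i, f"10.0.0.{i + 1}", 200) for i in range(4)]
    quiet.append(line(1005, "10.0.0.9", 503))
    # Busy window: one client sends at a high rate and 503s start appearing,
    # including for an unrelated client.
    burst = [line(1010 + i * 0.2, "10.0.0.66", 200 if i < 10 else 503) for i in range(40)]
    burst += [line(1012 + i, "10.0.0.5", 503) for i in range(5)]
    return quiet + ["garbled entry"] + burst

def parse(entry):
    """Return (timestamp, client, status), or None for a malformed line."""
    parts = entry.split()
    try:
        ts, client = float(parts[0]), parts[2]
        status = int(parts[3].rsplit("/", 1)[1])
    except (IndexError, ValueError):
        return None
    return ts, client, status

def flag_windows(entries, window=10, min_requests=30, min_503_ratio=0.5):
    """Flag windows with both high volume and a high 503 share."""
    buckets = defaultdict(lambda: {"total": 0, "s503": 0, "clients": Counter()})
    for ts, client, status in filter(None, map(parse, entries)):
        b = buckets[int(ts // window) * window]
        b["total"] += 1
        b["s503"] += status == 503
        b["clients"][client] += 1
    hits = []
    for start in sorted(buckets):
        b = buckets[start]
        if b["total"] >= min_requests and b["s503"] / b["total"] >= min_503_ratio:
            busiest = b["clients"].most_common(1)[0][0]
            hits.append((start, b["total"], b["s503"], busiest))
    return hits

if __name__ == "__main__":
    for hit in flag_windows(build_sample()):
        print("window=%d requests=%d http503=%d busiest_client=%s" % hit)
```

Requiring both conditions keeps an isolated 503 in a quiet window from raising an alert; the thresholds need tuning against the normal request rate of the deployment.
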
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.