Cisco Bug: CSCvi19537 - Ports used by internal processes are reachable from outside WSA
Feb 06, 2019
- Cisco Web Security Appliance
Known Affected Releases
10.1.2-050 10.1.3-039 10.1.3-050 10.1.3-054 10.5.2-042 10.5.2-060 10.5.2-061 10.5.2-066 10.5.2-296 10.6.0-157 11.0.0-641 11.5.0-FCS-582 11.5.0-FCS-614 9.1.1-074 9.1.2-039 9.1.2-040 9.1.2-041 9.1.3-016 9.1.3-024 WSA10.0.0-233
Symptom: External devices have the ability to connect to WSA on the UDP ports that are used by internal processes on WSA and are open for all WSA-interfaces Conditions: If you run the CLI command 'netstat' (without quotes) on WSA, you'll get, among other things, a list of UDP ports that are open for all the interfaces of WSA. If it's a non-common UDP port (for example: 40925), and if it's open for all the interfaces on WSA, it's most likely being used by an internal process on the WSA.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases