Guest

Preview Tool

Cisco Bug: CSCvi19537 - Ports used by internal processes are reachable from outside WSA

Last Modified

Feb 06, 2019

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

10.1.2-050 10.1.3-039 10.1.3-050 10.1.3-054 10.5.2-042 10.5.2-060 10.5.2-061 10.5.2-066 10.5.2-296 10.6.0-157 11.0.0-641 11.5.0-FCS-582 11.5.0-FCS-614 9.1.1-074 9.1.2-039 9.1.2-040 9.1.2-041 9.1.3-016 9.1.3-024 WSA10.0.0-233

Description (partial)

Symptom:
External devices have the ability to connect to WSA on the UDP ports that are used by internal processes on WSA and are open for all WSA-interfaces

Conditions:
If you run the CLI command 'netstat' (without quotes) on WSA, you'll get, among other things, a list of UDP ports that are open for all the interfaces of WSA. If it's a non-common UDP port (for example: 40925), and if it's open for all the interfaces on WSA, it's most likely being used by an internal process on the WSA.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.