Preview Tool

Cisco Bug: CSCzv95795 - Cisco WSA TCP Flood Denial of Service Vulnerability

Last Modified

Sep 21, 2018

Products (1)

  • Cisco Web Security Appliance

Known Affected Releases

5.6.0-623 6.0.0-000 7.5.0-000 7.5.0-825 7.5.1-000 7.5.2-000 7.7.0-000 7.7.1-000 8.0.0-000 8.5.0-beta2-389

Description (partial)

A vulnerability in the network stack of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA)
and Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust all available memory, preventing the affected
device from accepting new TCP connections.

The vulnerability is due to improper handling of TCP packets sent at a high rate. An attacker could exploit this vulnerability by sending crafted
TCP packets to the affected system.

Note: A full device reload is needed to recover the system to an operational state.

Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. This advisory is
available at the following link:

See Security Advisory
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.