Home

CVE-2016-1382

Description

Cisco AsyncOS before 8.5.3-069 and 8.6 through 8.8 on Web Security Appliance (WSA) devices mishandles memory allocation for HTTP requests, which allows remote attackers to cause a denial of service (proxy-process reload) via a crafted request, aka Bug ID CSCuu02529.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.486

Associated Vulnerability

VulnerabilityOS Platform
Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability For Cisco IronPort Web Security Appliance SoftwareNCM
Improper Input Validation Vulnerability (CVE-2016-1382)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1706023Security Update for Cisco IronPort Web Security Appliance Software 9.1.2-010

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234