Lucene search

CiscoCVE-2015-6321

HistoryNov 06, 2015 - 3:59 a.m.

CVE-2015-6321

2015-11-0603:59:03

CWE-399

cisco

web.nvd.nist.gov

cve-2015-6321

cisco

asyncos

email security appliance

esa

content security management appliance

sma

web security appliance

wsa

denial of service

memory consumption

tcp packets

vulnerability

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.6

Confidence

Low

EPSS

0.006

Percentile

77.8%

JSON

Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005, and 9.5.x before 9.5.0-025 on Content Security Management Appliance (SMA) devices; and before 7.7.0-725 and 8.x before 8.0.8-113 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via a flood of TCP packets, aka Bug IDs CSCus79774, CSCus79777, and CSCzv95795.

Affected configurations

Nvd

Node

ciscoweb_security_applianceMatch5.6.0-623

ciscoweb_security_applianceMatch6.0.0-000

ciscoweb_security_applianceMatch7.5.0-000

ciscoweb_security_applianceMatch7.5.0-825

ciscoweb_security_applianceMatch7.5.1-000

ciscoweb_security_applianceMatch7.5.2-000

ciscoweb_security_applianceMatch7.7.0-000

ciscoweb_security_applianceMatch7.7.1-000

ciscoweb_security_applianceMatch8.0.0-000

ciscoweb_security_applianceMatch8.5.0.000

Node

ciscocontent_security_management_applianceMatch7.8.0-328

ciscocontent_security_management_applianceMatch7.8.1-001

ciscocontent_security_management_applianceMatch7.9.0-201

ciscocontent_security_management_applianceMatch7.9.2-116

ciscocontent_security_management_applianceMatch8.0.1-031

ciscocontent_security_management_applianceMatch8.1.0-001

ciscocontent_security_management_applianceMatch8.1.1-033

ciscocontent_security_management_applianceMatch8.1.2-000

ciscocontent_security_management_applianceMatch8.2.0-238

ciscocontent_security_management_applianceMatch8.3.0-350

ciscocontent_security_management_applianceMatch8.3.5-061

ciscocontent_security_management_applianceMatch8.3.6-014

ciscocontent_security_management_applianceMatch8.3.7-010

ciscocontent_security_management_applianceMatch8.4.0-150

ciscocontent_security_management_applianceMatch9.0.0-073

ciscocontent_security_management_applianceMatch9.1.0-004

Node

ciscoemail_security_applianceMatch7.6.1-000

ciscoemail_security_applianceMatch7.6.3-000

ciscoemail_security_applianceMatch7.7.0-000

ciscoemail_security_applianceMatch7.7.1-000

ciscoemail_security_applianceMatch7.8.0-311

ciscoemail_security_applianceMatch8.5.6-052

ciscoemail_security_applianceMatch8.6.0-011

ciscoemail_security_applianceMatch8.9.1-000

ciscoemail_security_applianceMatch8.9.2-032

ciscoemail_security_applianceMatch9.0.0-212

ciscoemail_security_applianceMatch9.0.5-000

ciscoemail_security_applianceMatch9.1.0-011

ciscoemail_security_applianceMatch9.4.4-000

ciscoemail_security_applianceMatch9.5.0-000

VendorProductVersionCPE
ciscoweb_security_appliance5.6.0-623cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:*:*:*:*:*:*:*
ciscoweb_security_appliance6.0.0-000cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:*:*:*:*:*:*:*
ciscoweb_security_appliance7.5.0-000cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:*:*:*:*:*:*:*
ciscoweb_security_appliance7.5.0-825cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:*:*:*:*:*:*:*
ciscoweb_security_appliance7.5.1-000cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:*:*:*:*:*:*:*
ciscoweb_security_appliance7.5.2-000cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:*:*:*:*:*:*:*
ciscoweb_security_appliance7.7.0-000cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:*:*:*:*:*:*:*
ciscoweb_security_appliance7.7.1-000cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:*:*:*:*:*:*:*
ciscoweb_security_appliance8.0.0-000cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:*:*:*:*:*:*:*
ciscoweb_security_appliance8.5.0.000cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	web_security_appliance	5.6.0-623	cpe:2.3:a:cisco:web_security_appliance:5.6.0-623:::::::*
cisco	web_security_appliance	6.0.0-000	cpe:2.3:a:cisco:web_security_appliance:6.0.0-000:::::::*
cisco	web_security_appliance	7.5.0-000	cpe:2.3:a:cisco:web_security_appliance:7.5.0-000:::::::*
cisco	web_security_appliance	7.5.0-825	cpe:2.3:a:cisco:web_security_appliance:7.5.0-825:::::::*
cisco	web_security_appliance	7.5.1-000	cpe:2.3:a:cisco:web_security_appliance:7.5.1-000:::::::*
cisco	web_security_appliance	7.5.2-000	cpe:2.3:a:cisco:web_security_appliance:7.5.2-000:::::::*
cisco	web_security_appliance	7.7.0-000	cpe:2.3:a:cisco:web_security_appliance:7.7.0-000:::::::*
cisco	web_security_appliance	7.7.1-000	cpe:2.3:a:cisco:web_security_appliance:7.7.1-000:::::::*
cisco	web_security_appliance	8.0.0-000	cpe:2.3:a:cisco:web_security_appliance:8.0.0-000:::::::*
cisco	web_security_appliance	8.5.0.000	cpe:2.3:a:cisco:web_security_appliance:8.5.0.000:::::::*