Lucene search
CiscoCVE-2015-6386HistoryDec 01, 2015 - 11:59 a.m.
CVE-2015-6386
2015-12-0111:59:03
CWE-399
cisco
web.nvd.nist.gov
29
cisco
wsa
ftp
denial of service
vulnerability
cve-2015-6386
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
56.0%
The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 and 8.5.1-021 allows remote attackers to cause a denial of service (CPU consumption) via FTP sessions in which the control connection is ended after data transfer, aka Bug ID CSCut94150.
Affected configurations
Node
ciscoweb_security_applianceMatch8.0.7-142
ORciscoweb_security_applianceMatch8.5.1-021
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | web_security_appliance | 8.0.7-142 | cpe:2.3:a:cisco:web_security_appliance:8.0.7-142:*:*:*:*:*:*:* |
| cisco | web_security_appliance | 8.5.1-021 | cpe:2.3:a:cisco:web_security_appliance:8.5.1-021:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2015-6386
2015-12-01 11:00:00
prion
prion
Code injection
2015-12-01 11:59:00
openvas
openvas
Cisco Web Security Appliance Native FTP Denial of Service Vulnerability
2015-12-01 00:00:00
cisco
cisco
Cisco Web Security Appliance Native FTP Denial of Service Vulnerability
2015-11-30 22:20:00
nvd
nvd
CVE-2015-6386
2015-12-01 11:59:03
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
Low
EPSS
0.002
Percentile
56.0%
Related for CVE-2015-6386