CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
50.6%
CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | web_security_virtual_appliance | * | cpe:2.3:a:cisco:web_security_virtual_appliance:*:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.1.0 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.0:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.1.1 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.1:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.1.2 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.2:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.1.3 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.3:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.1.4 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.1.4:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.5.0 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.5.0:*:*:*:*:*:*:* |
cisco | web_security_virtual_appliance | 7.5.1 | cpe:2.3:a:cisco:web_security_virtual_appliance:7.5.1:*:*:*:*:*:*:* |
cisco | web_security_appliance | - | cpe:2.3:h:cisco:web_security_appliance:-:*:*:*:*:*:*:* |