Cisco Web Security Virtual Appliance — known CVE vulnerabilities
Every CVE whose affected-product data names Cisco Web Security Virtual Appliance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2017-6751 — CVSS 7.5 (high): A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to…
CVE-2017-6750 — CVSS 7.5 (high): A vulnerability in AsyncOS for the Cisco Web Security Appliance (WSA) could allow an unauthenticated, local attacker to log in to the…
CVE-2017-6748 — CVSS 6.7 (medium): A vulnerability in the CLI parser of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command…
CVE-2017-6749 — CVSS 5.4 (medium): A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker…
CVE-2015-4216 — CVSS 5.0 (medium): The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management…
CVE-2015-6287 — CVSS 5.0 (medium): Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a…
CVE-2021-1271 — CVSS 4.8 (medium): A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an authenticated…
CVE-2015-6290 — CVSS 4.3 (medium): Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP…
CVE-2015-4217 — CVSS 4.3 (medium): The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management…
CVE-2014-2137 — CVSS 4.3 (medium): CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject…