CVE-2016-6437

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the SSL session cache management of Cisco Wide Area Application Services (WAAS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of disk space. The user would see a performance degradation. More Information: CSCva03095. Known Affected Releases: 5.3(5), 6.1(1), 6.2(1). Known Fixed Releases: 5.3(5g)1, 6.2(2.32).

Weaknesses (CWE)

CWE-399

Affected Products (13)

cisco · wide_area_application_servicesvulnerable

cisco · wide_area_application_services

References (6)

http://www.securityfocus.com/bid/93524

http://www.securitytracker.com/id/1037002

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas

Vendor Advisory

http://www.securityfocus.com/bid/93524

http://www.securitytracker.com/id/1037002

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161012-waas

Vendor Advisory