Vulnerability Name:

CVE-2015-4198 (CCN-103968)

Assigned:2015-06-19
Published:2015-06-19
Updated:2016-12-28
Summary:Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allows remote attackers to inject arbitrary web script or HTML via an unspecified HTTP header, aka Bug ID CSCuu24409.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-79
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2015-4198

Source: CCN
Type: Cisco Vulnerability Alert 39422
Cisco Web Security Appliance Web Framework HTTP Header Injection Vulnerability

Source: CISCO
Type: Vendor Advisory
20150619 Cisco Web Security Appliance Web Framework HTTP Header Injection Vulnerability

Source: BID
Type: Third Party Advisory, VDB Entry
75326

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1032676

Source: XF
Type: UNKNOWN
cisco-web-cve20154198-header-injection(103968)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:cisco:web_security_appliance:8.5.0-497:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:cisco:web_security_appliance_(wsa):8.5.0-497:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco web security appliance 8.5.0-497
    cisco web security appliance (wsa) 8.5.0-497