Vulnerability Description
A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected device to the administrative management interface of an affected device, aka an Access Control Bypass Vulnerability. Affected Products: virtual and hardware versions of Cisco Web Security Appliance (WSA). More Information: CSCvd88863. Known Affected Releases: 10.1.0-204 9.0.0-485.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Web Security Appliance | 9.0.0-162 |
| Cisco | Web Security Virtual Appliance | 9.0.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/99967Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038959Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
- http://www.securityfocus.com/bid/99967Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1038959Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-2Vendor Advisory
FAQ
What is CVE-2017-6751?
CVE-2017-6751 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the web proxy functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to forward traffic from the web proxy interface of an affected ...
How severe is CVE-2017-6751?
CVE-2017-6751 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6751?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Web Security Appliance, Cisco Web Security Virtual Appliance.