OpenCVE

A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Cisco	Asyncos Web Security Appliance

Configuration 1 [-]

OR	cpe:2.3:o:cisco:asyncos::::::::
	cpe:2.3:o:cisco:asyncos::::::::

Configuration 2 [-]

OR	cpe:2.3:a:cisco:web_security_appliance:10.5.2-072:::::::*
	cpe:2.3:a:cisco:web_security_appliance:10.5.3-025:::::::*
	cpe:2.3:a:cisco:web_security_appliance:11.7.0-fcs-334:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/109049
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos

History

Tue, 19 Nov 2024 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2019-07-04T19:50:10.367933Z

Updated: 2024-11-19T19:03:49.939Z

Reserved: 2018-12-06T00:00:00

Link: CVE-2019-1886

Vulnrichment

Updated: 2024-08-04T18:35:50.767Z

NVD

Status : Modified

Published: 2019-07-04T20:15:11.000

Modified: 2024-11-21T04:37:36.930

Link: CVE-2019-1886

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Web Security Appliance (WSA)", "vendor": "Cisco", "versions": [{"lessThan": "10.5.5-005", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "datePublic": "2019-07-03T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-07-05T09:06:04", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20190703 Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos"}, {"name": "109049", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/109049"}], "source": {"advisory": "cisco-sa-20190703-wsa-dos", "defect": [["CSCvo33747"]], "discovery": "INTERNAL"}, "title": "Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-07-03T16:00:00-0700", "ID": "CVE-2019-1886", "STATE": "PUBLIC", "TITLE": "Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Web Security Appliance (WSA)", "version": {"version_data": [{"affected": "<", "version_affected": "<", "version_value": "10.5.5-005"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "impact": {"cvss": {"baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "references": {"reference_data": [{"name": "20190703 Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos"}, {"name": "109049", "refsource": "BID", "url": "http://www.securityfocus.com/bid/109049"}]}, "source": {"advisory": "cisco-sa-20190703-wsa-dos", "defect": [["CSCvo33747"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:35:50.767Z"}, "title": "CVE Program Container", "references": [{"name": "20190703 Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos"}, {"name": "109049", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/109049"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-19T17:23:48.968119Z", "id": "CVE-2019-1886", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T19:03:49.939Z"}}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2019-1886", "datePublished": "2019-07-04T19:50:10.367933Z", "dateReserved": "2018-12-06T00:00:00", "dateUpdated": "2024-11-19T19:03:49.939Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos", "name": "20190703 Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/109049", "name": "109049", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:35:50.767Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2019-1886", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-19T17:23:48.968119Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T17:24:15.656Z"}}], "cna": {"title": "Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "source": {"defect": [["CSCvo33747"]], "advisory": "cisco-sa-20190703-wsa-dos", "discovery": "INTERNAL"}, "metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Cisco", "product": "Cisco Web Security Appliance (WSA)", "versions": [{"status": "affected", "version": "unspecified", "lessThan": "10.5.5-005", "versionType": "custom"}]}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "datePublic": "2019-07-03T00:00:00", "references": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos", "name": "20190703 Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"]}, {"url": "http://www.securityfocus.com/bid/109049", "name": "109049", "tags": ["vdb-entry", "x_refsource_BID"]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20"}]}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2019-07-05T09:06:04"}, "x_legacyV4Record": {"impact": {"cvss": {"version": "3.0", "baseScore": "8.6", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}}, "source": {"defect": [["CSCvo33747"]], "advisory": "cisco-sa-20190703-wsa-dos", "discovery": "INTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"affected": "<", "version_value": "10.5.5-005", "version_affected": "<"}]}, "product_name": "Cisco Web Security Appliance (WSA)"}]}, "vendor_name": "Cisco"}]}}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "data_type": "CVE", "references": {"reference_data": [{"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos", "name": "20190703 Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/109049", "name": "109049", "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2019-1886", "STATE": "PUBLIC", "TITLE": "Cisco Web Security Appliance HTTPS Certificate Denial of Service Vulnerability", "ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2019-07-03T16:00:00-0700"}}}}, "cveMetadata": {"cveId": "CVE-2019-1886", "state": "PUBLISHED", "dateUpdated": "2024-11-19T19:03:49.939Z", "dateReserved": "2018-12-06T00:00:00", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "datePublished": "2019-07-04T19:50:10.367933Z", "assignerShortName": "cisco"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "matchCriteriaId": "9081B2CB-90C8-428D-91DF-B30DC68AB5BF", "versionEndExcluding": "10.5.5-005", "versionStartIncluding": "10.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:asyncos:*:*:*:*:*:*:*:*", "matchCriteriaId": "D72CE539-D7A7-41D9-9B0E-727435449E80", "versionEndExcluding": "11.5.2-020", "versionStartIncluding": "11.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.2-072:*:*:*:*:*:*:*", "matchCriteriaId": "B8F218D6-2AF8-449B-8016-E0B8AAA362D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:10.5.3-025:*:*:*:*:*:*:*", "matchCriteriaId": "9B73A407-DD94-455A-BCC2-96A77F9CCA89", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:web_security_appliance:11.7.0-fcs-334:*:*:*:*:*:*:*", "matchCriteriaId": "F7EE04AC-5EFE-46D2-8B54-E923E90E4601", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the HTTPS decryption feature of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to insufficient validation of Secure Sockets Layer (SSL) server certificates. An attacker could exploit this vulnerability by installing a malformed certificate in a web server and sending a request to it through the Cisco WSA. A successful exploit could allow the attacker to cause an unexpected restart of the proxy process on an affected device."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n de descifrado HTTPS de Cisco Web Security Appliance (WSA) podr\u00eda permitir que un atacante remoto no autenticado provoque una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se debe a la validaci\u00f3n insuficiente de los certificados de servidor Secure Sockets Layer (SSL). Un atacante podr\u00eda aprovechar esta vulnerabilidad instalando un certificado con formato incorrecto en un servidor web y envi\u00e1ndole una solicitud a trav\u00e9s de Cisco WSA. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante provocar un reinicio inesperado del proceso de proxy en un dispositivo afectado."}], "id": "CVE-2019-1886", "lastModified": "2024-11-21T04:37:36.930", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "ykramarz@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-04T20:15:11.000", "references": [{"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/109049"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/109049"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190703-wsa-dos"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "ykramarz@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}