Cisco Web Security Appliance Web Framework HTTP Header Injection Vulnerability


Description   A vulnerability has been identified in Cisco Web Security Appliance.
A remote attacker can exploit it by inciting their victim to follow a specially crafted URL in order to execute arbitrary JavaScript / HTML code.
This vulnerability is due to insufficient validation of HTTP headers in the web framework.
     
Vulnerable Products   Vulnerable Software:
Web Security Appliance (Cisco) - 8.5 .0-497
     
Solution   No solution for the moment.
     
CVE   CVE-2015-4198
     
References   - CSCuu24409 : Cisco Web Security Appliance Web Framework HTTP Header Injection Vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=39422
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
HTTP Request Smuggling : HTTP command found in header
3.2.0
HTTP Request Smuggling : Content-Length and Transfer-Encoding: chunked fields in header
3.2.0
HTTP Request Smuggling : suspicious syntax using HTTP keyword
3.2.0
HTTP Request Smuggling : multiple Content-Length fields
3.2.0
     


 
 
 
 
 Risk level 
Moderate 

 Vulnerability First Public Report Date 
2015-06-19 

 Target Type 
Server 

 Possible exploit 
Remote