Boletines de Vulnerabilidades

Cisco Secure Web Appliance Content Encoding Filter Bypass Vulnerabilities


Información sobre el sistema

   
Software afectado Cisco

Descripción

Update for March 2, 2023: Since this advisory originally published, Cisco has become aware of an issue in a fix for older major Cisco Secure Web Appliance software releases. That issue introduced additional vulnerabilities in releases 14.5.0-537 and 14.5.1-008. Cisco is investigating these new issues and will provide a fix in April 2023 for software releases later than Release 14.5.1-008. These fixes will address all known filter bypass vulnerabilities that are listed in this advisory, as well

More info:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-bypass-bwBfugek?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Secure%20Web%20Appliance%20Content%20Encoding%20Filter%20Bypass%20Vulnerabilities&vs_k=1

Identificadores estándar

Propiedad Valor
CVE CVE-2022-20952.

Histórico de versiones

Versión Comentario Data
1.0 Advisory issued 2023-03-08
Ministerio de Defensa
CNI
CCN
CCN-CERT