|Number of vulnerabilities||1|
|CVE ID|| CVE-2018-0087
|CWE ID|| CWE-284
|Public exploit||Not available|
Cisco Web Security Appliance
|Vulnerable software versions||
Cisco Web Security Appliance 10.5.2-034
|Vendor URL||Cisco Systems, Inc|
The vulnerability allows a remote attacker to bypass security restrictions on the target system.
The weakness exists in the FTP server due to incorrect FTP user credential validation. A remote attacker can use FTP to connect to the management IP address and log in to the FTP server of the Cisco WSA without having a valid password.
Update to version 10.5.2-034.External links