CVE-2021-34698— Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-34698
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Web Security Appliance Proxy Service Denial of Service Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the proxy service of Cisco AsyncOS for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper memory management in the proxy service of an affected device. An attacker could exploit this vulnerability by establishing a large number of HTTPS connections to the affected device. A successful exploit could allow the attacker to cause the system to stop processing new connections, which could result in a DoS condition. Note: Manual intervention may be required to recover from this situation.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
在移除最后引用时对内存的释放不恰当(内存泄露)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco AsyncOS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco AsyncOS是美国思科(Cisco)公司的一款应用于思科设备的操作系统。 Cisco AsyncOS for Cisco Web Security Appliance存在安全漏洞,该漏洞源于受影响设备的代理服务的内存管理不当造成的。攻击者可以通过与受影响的设备建立大量HTTPS连接来利用该漏洞。如果攻击成功,攻击者可利用该漏洞可能会导致系统停止处理新连接,从而导致拒绝服务攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Web Security Appliance (WSA) | n/a | - |
II. Public POCs for CVE-2021-34698
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-34698
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-dos-fmHdKswkvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2021-34698
Same Patch Batch · Cisco · 2021-10-06 · 23 CVEs total
| CVE-2021-34710 | 8.8 HIGH | Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities |
| CVE-2021-34735 | 8.8 HIGH | Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities |
| CVE-2021-34748 | 8.8 HIGH | Cisco Intersight Virtual Appliance Command Injection Vulnerability |
| CVE-2021-1594 | 7.5 HIGH | Cisco Identity Services Engine Privilege Escalation Vulnerability |
| CVE-2021-34788 | 7.0 HIGH | Cisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) M |
| CVE-2021-34706 | 6.4 MEDIUM | Cisco Identity Services Engine XML External Entity Injection Vulnerability |
| CVE-2021-34742 | 6.1 MEDIUM | Cisco Vision Dynamic Signage Director Reflected Cross-Site Scripting Vulnerability |
| CVE-2021-1534 | 5.8 MEDIUM | Cisco Email Security Appliance URL Filtering Bypass Vulnerability |
| CVE-2021-34711 | 5.5 MEDIUM | Cisco IP Phone Software Arbitrary File Read Vulnerability |
| CVE-2021-34766 | 5.4 MEDIUM | Cisco Smart Software Manager Privilege Escalation Vulnerability |
| CVE-2021-34757 | 4.9 MEDIUM | Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities |
| CVE-2021-34744 | 4.9 MEDIUM | Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities |
| CVE-2021-34772 | 4.7 MEDIUM | Cisco Orbital Open Redirect Vulnerability |
| CVE-2021-34758 | 4.4 MEDIUM | Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerabi |
| CVE-2021-34775 | 4.3 MEDIUM | Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabiliti |
| CVE-2021-34776 | 4.3 MEDIUM | Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabiliti |
| CVE-2021-34777 | 4.3 MEDIUM | Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabiliti |
| CVE-2021-34778 | 4.3 MEDIUM | Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabiliti |
| CVE-2021-34779 | 4.3 MEDIUM | Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabiliti |
| CVE-2021-34780 | 4.3 MEDIUM | Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabiliti |
Showing top 20 of 23 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco Web Security Appliance (WSA)
- CVE-2023-20028
Cisco Secure Email Gateway, Cisco Secure Email and Web Manag - CVE-2023-20120
Cisco Secure Email Gateway, Cisco Secure Email and Web Manag - CVE-2022-20675
Multiple Cisco Security Products Simple Network Management P - CVE-2022-20781
Cisco Web Security Appliance Stored Cross-Site Scripting Vul - CVE-2022-20784
Cisco Web Security Appliance Filter Bypass Vulnerability
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
Same weakness: CWE-401
- CVE-2026-43506
Prosody 安全漏洞 - CVE-2026-7379
Missing Release of Memory after Effective Lifetime in Wiresh - CVE-2026-40336
libgphoto2 has memory leak in ptp_unpack_Sony_DPD() secondar - CVE-2026-33775
Junos OS: MX Series: Mismatch between configured and receive - CVE-2026-33782
Junos OS: MX Series: In specific DHCPv6 scenarios jdhcpd mem
V. Comments for CVE-2021-34698
No comments yet