Unrated severityNVD Advisory· Published Jun 20, 2019· Updated Nov 21, 2024
Cisco Wide Area Application Services Software HTTPS Proxy Authentication Bypass Vulnerability
CVE-2019-1876
Description
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to use the Central Manager as an HTTPS proxy. The vulnerability is due to insufficient authentication of proxy connection requests. An attacker could exploit this vulnerability by sending a malicious HTTPS CONNECT message to the Central Manager. A successful exploit could allow the attacker to access public internet resources that would normally be blocked by corporate policies.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2unspecified+ 1 more
- (no CPE)range: unspecified
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-waas-authbypassmitrevendor-advisoryx_refsource_CISCO
- www.securityfocus.com/bid/108863mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.