Cisco Web Security Appliance is susceptible to CRLF injection, which allows an attacker to then inject arbitrary HTTP headers, which then can be leveraged to redirect targets to malicious content.
Web Security Appliance (WSA) 7.7 and earlier
No Exploit Available
By injecting HTTP headers via CRLF injection attacks, an attacker may redirect users to malicious websites. These malicious websites may host exploit kits, or try to steal sensitive information by spoofing popular websites.
BeyondTrust Prevention and Detection:
BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.
- 33542 - Cisco Web Security Appliance (WSA) HTTP Header Weakness (Zero-Day)
There are no mitigations available.