CVE-2015-6298 Information

Description

The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113 8.1.x and 8.5.x before 8.5.3-051 8.6.x and 8.7.x before 8.7.0-171-LD and 8.8.x before 8.8.0-085 on Web Security Appliance (WSA) devices allows remote authenticated users to obtain root privileges via crafted certificate-generation arguments aka Bug ID CSCus83445.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-wsa http://www.securitytracker.com/id/1034059