How severe is CVE-2017-12215?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2017-12215?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2017-12215

HIGH Year: 2017

CVSS v3 Score

7.1

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-20

View all →

Vulnerability Description

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unauthenticated, remote attacker to cause an affected device to run out of memory and stop scanning and forwarding email messages. When system memory is depleted, it can cause the filtering process to crash, resulting in a denial of service (DoS) condition on the device. This vulnerability affects software version 9.0 through the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliances, both virtual and hardware appliances, if the software is configured to apply a message filter or content filter to incoming email attachments. The vulnerability is not limited to any specific rules or actions for a message filter or content filter. Cisco Bug IDs: CSCvd29354.

CVE-2009-2516

HIGH

CVSS:7.1(High)

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly validate data sent from user mode, which allows local users to gai...

CWE-202009

CVE-2015-3150

HIGH

CVSS:7.1(High)

abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElemen...

CWE-202015

CVE-2015-9544

HIGH

CVSS:7.1(High)

An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStoragePostMessageApi.js does not implement any validation of the origin of web messages. Remote attack...

CWE-202015

CVE-2015-9545

HIGH

CVSS:7.1(High)

An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStorage.js does not implement any validation of the origin of web messages. Remote attackers who can en...

CWE-202015

CVE-2016-3185

HIGH

CVSS:7.1(High)

The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28, 5.6.x before 5.6.12, and 7.x before 7.0.4 allows remote attackers to obtain sensitive information ...

CWE-202016

CVE-2016-4449

HIGH

CVSS:7.1(High)

XML external entity (XXE) vulnerability in the xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.4, when not in validating mode, allows context-dependent attackers to read arbitrar...

CWE-202016

CVE-2017-12215

Vulnerability Description

Related Vulnerabilities

CVE-2009-2516

CVE-2015-3150

CVE-2015-9544

CVE-2015-9545

CVE-2016-3185

CVE-2016-4449