How severe is CVE-2017-12311?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2017-12311?

This is classified as CWE-399, which is a common weakness in software security.

CVE-2017-12311

MEDIUM Year: 2017

CVSS v3 Score

5.8

Medium

CVSS v2 Score

5.0

Medium

Weakness Type

CWE-399

View all →

Vulnerability Description

A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server media process to restart unexpectedly when it receives an illegal H.264 frame. The vulnerability is triggered by an H.264 frame that has an invalid picture parameter set (PPS) value. An attacker could exploit this vulnerability by sending a malformed H.264 frame to the targeted device. An exploit could allow the attacker to cause a denial of service (DoS) condition because the media process could restart. The media session should be re-established within a few seconds, during which there could be a brief interruption in service. Cisco Bug IDs: CSCvg12559.

CVE-2017-6613

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the DNS input packet processor for Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause the DNS process to momentarily restart, which could lead to...

CWE-3992017

CVE-2021-1377

MEDIUM

CVSS:5.8(Medium)

A vulnerability in Address Resolution Protocol (ARP) management of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent an affected device from resol...

CWE-3992021

CVE-2024-20407

MEDIUM

CVSS:5.8(Medium)

A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker t...

CWE-3992024

CVE-2016-2116

MEDIUM

CVSS:5.7(Medium)

Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG ...

CWE-3992016

CVE-2014-9686

MEDIUM

CVSS:5.9(Medium)

The Googlemaps plugin 3.2 and earlier for Joomla! allows remote attackers with control of a sub-domain belonging to a victim domain to cause a denial of service via the 'url' parameter to plugin_googl...

CWE-3992014

CVE-2016-10259

MEDIUM

CVSS:5.9(Medium)

Symantec SSL Visibility (SSLV) 3.8.4FC, 3.9, 3.10 before 3.10.4.1, and 3.11 before 3.11.3.1 is susceptible to a denial-of-service vulnerability that impacts the SSL servers for intercepted SSL connect...

CWE-3992016

CVE-2017-12311

Vulnerability Description

Related Vulnerabilities

CVE-2017-6613

CVE-2021-1377

CVE-2024-20407

CVE-2016-2116

CVE-2014-9686

CVE-2016-10259