How severe is CVE-2017-3870?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.8 out of 10.

What type of vulnerability is CVE-2017-3870?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2017-3870 - MEDIUM Severity | CVSS 5.8

Vulnerability Description

A vulnerability in the URL filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured URL filter rule. Affected Products: This vulnerability affects all releases prior to the first fixed release of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA), both virtual and hardware appliances, that are configured with URL filters for email scanning. More Information: CSCvc69700. Known Affected Releases: 8.5.3-069 9.1.1-074 9.1.2-010.

Related Vulnerabilities

CVE-2024-27791

MEDIUM

CVSS:5.8(Medium)

The issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, tvOS 17.3, macOS Ventura 13.6.4, iOS 16.7.5 and iPadOS 16.7.5, macOS Monterey 12.7.3, macOS Sonoma 14.3. ...

CWE-1192024

CVE-2016-8790

MEDIUM

CVSS:5.7(Medium)

Huawei CloudEngine 5800 with software before V200R001C00SPC700, CloudEngine 6800 with software before V200R001C00SPC700, CloudEngine 7800 with software before V200R001C00SPC700, CloudEngine 8800 with ...

CWE-1192016

CVE-2019-7231

MEDIUM

CVSS:5.7(Medium)

The ABB IDAL FTP server is vulnerable to a buffer overflow when a long string is sent by an authenticated attacker. This overflow is handled, but terminates the process. An authenticated attacker can ...

CWE-1192019

CVE-2021-3409

MEDIUM

CVSS:5.7(Medium)

The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation co...

CWE-1192021

CVE-2013-5571

MEDIUM

CVSS:5.9(Medium)

HMailServer 5.3.x and prior: Memory Corruption which could cause DOS

CWE-1192013

CVE-2015-5314

MEDIUM

CVSS:5.9(Medium)

The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal...

CWE-1192015