What is CVE-2017-12287?

CVE-2017-12287 is a medium-severity vulnerability in Cisco Expressway, classified under CWE-399. CVSS score: 4.3/10. Published 2017-10-19.

How severe is CVE-2017-12287?

Medium severity. CVSS v3 base score is 4.3 out of 10.

Improper input validation in Cisco Expressway

CVE-2017-12287

A vulnerability in the cluster database (CDB) management component of Cisco Expressway Series Software and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to cause the CDB process…

EPSS: 0.005 (66.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 4.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L.

Affected products

Cisco Expressway
Cisco Telepresence_conductor
Cisco Telepresence_video_communication_server
N/a Cisco Expressway Series And Telepresence Video Communication Server — versions Cisco Expressway Series and Cisco TelePresence Video Communication Server

Weakness classification (CWE)

References

psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@cisco.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-12287?: CVE-2017-12287 is a medium-severity vulnerability in Cisco Expressway, classified under CWE-399. CVSS score: 4.3/10. Published 2017-10-19.
How severe is CVE-2017-12287?: Medium severity. CVSS v3 base score is 4.3 out of 10.