CVE-2017-12256

CVE Database · CVE-2017-12256

CVE-2017-12256

· N/AModified

CVSS v3.1

N/A

EPSS

1.42%

Published

Oct 5, 2017

Modified

May 12, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the Akamai Connect feature of Cisco Wide Area Application Services (WAAS) Appliances could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition on an affected device. The vulnerability is due to certain file-handling inefficiencies of the affected system. An attacker could exploit this vulnerability by directing client systems to access a corrupted file that the client systems cannot decompress correctly. A successful exploit could allow the attacker to cause the affected device to crash or hang unexpectedly and result in a DoS condition that may require manual intervention to regain normal operating conditions. Cisco Bug IDs: CSCve82472.

Weaknesses (CWE)

CWE-399

Affected Products (1)

cisco · wide_area_application_servicesvulnerable

References (4)

http://www.securityfocus.com/bid/101180

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-waas

Vendor Advisory

http://www.securityfocus.com/bid/101180

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-waas

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs