cvedb.io
CVE-2017-5872
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-03-10T02:59:00.213 · Last modified 2026-06-17T01:21:21.637

Summary

The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump.

Affected products

unisys — clearpath_mcp

Does this affect you?

Add your gear to cvedb and we'll alert you only when unisys ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.