\" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as ... CVSS 9.8 CRITICAL.", "author": {"@type": "Organization", "name": "White Hats Nepal"}, "publisher": {"@id": "https://blog.pentestnepal.tech/#organization"}, "datePublished": "2017-12-01", "dateModified": "2026-05-13", "mainEntityOfPage": "https://blog.pentestnepal.tech/cve/cve-2017-17086/", "inLanguage": "en"}, {"@type": "FAQPage", "mainEntity": [{"@type": "Question", "name": "What is CVE-2017-17086?", "acceptedAnswer": {"@type": "Answer", "text": "CVE-2017-17086 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Indeo Otter through 1.7.4 mishandles a \"\" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as ..."}}, {"@type": "Question", "name": "How severe is CVE-2017-17086?", "acceptedAnswer": {"@type": "Answer", "text": "CVE-2017-17086 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention."}}, {"@type": "Question", "name": "Is there a patch for CVE-2017-17086?", "acceptedAnswer": {"@type": "Answer", "text": "Check the references section above for vendor advisories and patch information. Affected products include: Inedo Otter."}}]}]}
  1. Home
  2. CVE Database
  3. CVE-2017-17086
CRITICAL · 9.8

CVE-2017-17086

Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as ...

Vulnerability Description

Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.

CVSS Score

9.8

CRITICAL

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
InedoOtter<= 1.7.4

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2017-17086?

CVE-2017-17086 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as ...

How severe is CVE-2017-17086?

CVE-2017-17086 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2017-17086?

Check the references section above for vendor advisories and patch information. Affected products include: Inedo Otter.