Vulnerability Details : CVE-2017-3826
A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the reboot command from the CLI. The following Cisco NetFlow Generation Appliances are vulnerable: NGA 3140, NGA 3240, NGA 3340. Cisco Bug IDs: CSCvc83320.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2017-3826
- cpe:2.3:o:cisco:netflow_generation_appliance_software:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:netflow_generation_appliance_software:1.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:netflow_generation_appliance_software:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:netflow_generation_appliance_software:1.0\(2\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-3826
0.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 75 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-3826
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2017-3826
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
-
Assigned by: ykramarz@cisco.com (Secondary)
References for CVE-2017-3826
-
http://www.securitytracker.com/id/1037938
Cisco NetFlow Generation Appliance SCTP Decoder Flaw Lets Remote Users Cause the Target System to Reload - SecurityTracker
-
http://www.securityfocus.com/bid/96509
Multiple Cisco NetFlow Generation Appliances CVE-2017-3826 Denial of Service Vulnerability
-
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga
Cisco NetFlow Generation Appliance Stream Control Transmission Protocol Denial of Service VulnerabilityVendor Advisory
Jump to