Sign-up

ID

VAR-201703-0712


CVE

CVE-2017-3826


TITLE

Cisco NetFlow Generation Appliance software Stream Control Transmission Protocol Service disruption at the decoder (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2017-001918

DESCRIPTION

A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the reboot command from the CLI. The following Cisco NetFlow Generation Appliances are vulnerable: NGA 3140, NGA 3240, NGA 3340. Cisco Bug IDs: CSCvc83320. Vendors have confirmed this vulnerability Bug ID CSCvc83320 It is released as.Remote attacker could disrupt service operation ( Device hang or reload ) There is a possibility of being put into a state. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. Cisco NetFlow Generation Appliance (NGA) is a set of scalable solutions for data center traffic visibility from Cisco. The solution provides features such as traffic analysis and other demand management. Stream Control Transmission Protocol (SCTP) decoder is one of the stream control transmission protocol decoders. A denial of service vulnerability exists in the SCTP decoder in Cisco NGA versions 3140, 3240, and 3340

Trust: 1.98

sources: NVD: CVE-2017-3826 // JVNDB: JVNDB-2017-001918 // BID: 96509 // VULHUB: VHN-112029

AFFECTED PRODUCTS

vendor:ciscomodel:netflow generation appliance softwarescope:eqversion:1.0.0

Trust: 1.6

vendor:ciscomodel:netflow generation appliance softwarescope:eqversion:1.1.0

Trust: 1.6

vendor:ciscomodel:netflow generation appliance softwarescope:eqversion:1.0\(2\)

Trust: 1.6

vendor:ciscomodel:netflow generation appliance softwarescope:eqversion:1.1\(1\)

Trust: 1.6

vendor:ciscomodel:netflow generation the appliance 3140scope: - version: -

Trust: 0.8

vendor:ciscomodel:netflow generation the appliance 3240scope: - version: -

Trust: 0.8

vendor:ciscomodel:netflow generation the appliance 3340scope: - version: -

Trust: 0.8

vendor:ciscomodel:netflow generation appliance softwarescope:ltversion:1.1(1a)

Trust: 0.8

vendor:ciscomodel:netflow generation appliancesscope:eqversion:33401.0(2)

Trust: 0.3

vendor:ciscomodel:netflow generation appliancesscope:eqversion:32401.0(2)

Trust: 0.3

vendor:ciscomodel:netflow generation appliancesscope:eqversion:31401.0(2)

Trust: 0.3

sources: BID: 96509 // JVNDB: JVNDB-2017-001918 // CNNVD: CNNVD-201703-021 // NVD: CVE-2017-3826

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-3826
value: HIGH

Trust: 1.0

NVD: CVE-2017-3826
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201703-021
value: HIGH

Trust: 0.6

VULHUB: VHN-112029
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-3826
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-112029
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-3826
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-112029 // JVNDB: JVNDB-2017-001918 // CNNVD: CNNVD-201703-021 // NVD: CVE-2017-3826

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

problemtype:CWE-20

Trust: 1.1

sources: VULHUB: VHN-112029 // JVNDB: JVNDB-2017-001918 // NVD: CVE-2017-3826

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201703-021

TYPE

Input Validation Error

Trust: 0.9

sources: BID: 96509 // CNNVD: CNNVD-201703-021

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-001918

PATCH
title:cisco-sa-20170301-ngaurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga
Trust: 0.8
title:Cisco NetFlow Generation Appliance Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68030
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2017-001918 // 
            
            
            
            CNNVD: CNNVD-201703-021

EXTERNAL IDS
db:NVDid:CVE-2017-3826
Trust: 2.8
db:BIDid:96509
Trust: 2.0
db:SECTRACKid:1037938
Trust: 1.7
db:JVNDBid:JVNDB-2017-001918
Trust: 0.8
db:CNNVDid:CNNVD-201703-021
Trust: 0.7
db:VULHUBid:VHN-112029
Trust: 0.1
sources:
            
            
            VULHUB: VHN-112029 // 
            
            
            
            BID: 96509 // 
            
            
            
            JVNDB: JVNDB-2017-001918 // 
            
            
            
            CNNVD: CNNVD-201703-021 // 
            
            
            
            NVD: CVE-2017-3826

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170301-nga
Trust: 2.0
url:http://www.securityfocus.com/bid/96509
Trust: 1.7
url:http://www.securitytracker.com/id/1037938
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3826
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3826
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-112029 // 
            
            
            
            BID: 96509 // 
            
            
            
            JVNDB: JVNDB-2017-001918 // 
            
            
            
            CNNVD: CNNVD-201703-021 // 
            
            
            
            NVD: CVE-2017-3826

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 96509

SOURCES
db:VULHUBid:VHN-112029
db:BIDid:96509
db:JVNDBid:JVNDB-2017-001918
db:CNNVDid:CNNVD-201703-021
db:NVDid:CVE-2017-3826

LAST UPDATE DATE
2025-04-20T23:38:33.491000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-112029date:2019-10-03T00:00:00
db:BIDid:96509date:2017-03-07T03:10:00
db:JVNDBid:JVNDB-2017-001918date:2017-03-23T00:00:00
db:CNNVDid:CNNVD-201703-021date:2019-10-23T00:00:00
db:NVDid:CVE-2017-3826date:2025-04-20T01:37:25.860

SOURCES RELEASE DATE
db:VULHUBid:VHN-112029date:2017-03-01T00:00:00
db:BIDid:96509date:2017-03-02T00:00:00
db:JVNDBid:JVNDB-2017-001918date:2017-03-23T00:00:00
db:CNNVDid:CNNVD-201703-021date:2017-03-02T00:00:00
db:NVDid:CVE-2017-3826date:2017-03-01T21:59:00.367