VAR-201703-0712
Vulnerability from variot - Updated: 2025-04-20 23:38A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the reboot command from the CLI. The following Cisco NetFlow Generation Appliances are vulnerable: NGA 3140, NGA 3240, NGA 3340. Cisco Bug IDs: CSCvc83320. Vendors have confirmed this vulnerability Bug ID CSCvc83320 It is released as.Remote attacker could disrupt service operation ( Device hang or reload ) There is a possibility of being put into a state. Attackers can exploit this issue to reload the affected device, denying service to legitimate users. Cisco NetFlow Generation Appliance (NGA) is a set of scalable solutions for data center traffic visibility from Cisco. The solution provides features such as traffic analysis and other demand management. Stream Control Transmission Protocol (SCTP) decoder is one of the stream control transmission protocol decoders. A denial of service vulnerability exists in the SCTP decoder in Cisco NGA versions 3140, 3240, and 3340
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201703-0712",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netflow generation appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.0.0"
},
{
"model": "netflow generation appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1.0"
},
{
"model": "netflow generation appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.0\\(2\\)"
},
{
"model": "netflow generation appliance software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "1.1\\(1\\)"
},
{
"model": "netflow generation the appliance 3140",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "netflow generation the appliance 3240",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "netflow generation the appliance 3340",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "netflow generation appliance software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "1.1(1a)"
},
{
"model": "netflow generation appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "33401.0(2)"
},
{
"model": "netflow generation appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "32401.0(2)"
},
{
"model": "netflow generation appliances",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "31401.0(2)"
}
],
"sources": [
{
"db": "BID",
"id": "96509"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:cisco:netflow_generation_appliance_3140",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:netflow_generation_appliance_3240",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/h:cisco:netflow_generation_appliance_3340",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:cisco:netflow_generation_appliance_software",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "96509"
}
],
"trust": 0.3
},
"cve": "CVE-2017-3826",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-3826",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-112029",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-3826",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-3826",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2017-3826",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201703-021",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-112029",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112029"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. The vulnerability is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this vulnerability by sending malformed SCTP packets on a network that is monitored by an NGA data port. SCTP packets addressed to the IP address of the NGA itself will not trigger this vulnerability. An exploit could allow the attacker to cause the appliance to become unresponsive or reload, causing a DoS condition. User interaction could be needed to recover the device using the reboot command from the CLI. The following Cisco NetFlow Generation Appliances are vulnerable: NGA 3140, NGA 3240, NGA 3340. Cisco Bug IDs: CSCvc83320. Vendors have confirmed this vulnerability Bug ID CSCvc83320 It is released as.Remote attacker could disrupt service operation ( Device hang or reload ) There is a possibility of being put into a state. \nAttackers can exploit this issue to reload the affected device, denying service to legitimate users. Cisco NetFlow Generation Appliance (NGA) is a set of scalable solutions for data center traffic visibility from Cisco. The solution provides features such as traffic analysis and other demand management. Stream Control Transmission Protocol (SCTP) decoder is one of the stream control transmission protocol decoders. A denial of service vulnerability exists in the SCTP decoder in Cisco NGA versions 3140, 3240, and 3340",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3826"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "BID",
"id": "96509"
},
{
"db": "VULHUB",
"id": "VHN-112029"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3826",
"trust": 2.8
},
{
"db": "BID",
"id": "96509",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1037938",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-112029",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112029"
},
{
"db": "BID",
"id": "96509"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"id": "VAR-201703-0712",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-112029"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-20T23:38:33.491000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20170301-nga",
"trust": 0.8,
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170301-nga"
},
{
"title": "Cisco NetFlow Generation Appliance Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=68030"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
},
{
"problemtype": "CWE-20",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112029"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170301-nga"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/96509"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id/1037938"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3826"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3826"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-112029"
},
{
"db": "BID",
"id": "96509"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-112029"
},
{
"db": "BID",
"id": "96509"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-03-01T00:00:00",
"db": "VULHUB",
"id": "VHN-112029"
},
{
"date": "2017-03-02T00:00:00",
"db": "BID",
"id": "96509"
},
{
"date": "2017-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"date": "2017-03-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"date": "2017-03-01T21:59:00.367000",
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-112029"
},
{
"date": "2017-03-07T03:10:00",
"db": "BID",
"id": "96509"
},
{
"date": "2017-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-001918"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201703-021"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-3826"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco NetFlow Generation Appliance software Stream Control Transmission Protocol Service disruption at the decoder (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-001918"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "96509"
},
{
"db": "CNNVD",
"id": "CNNVD-201703-021"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…