CVE-2017-3824

Name of the Vulnerable Software and Affected Versions Cisco cBR-8 Converged Broadband Routers versions 15.5(3)S through 15.6(1)S

Description A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to memory corruption. An attacker could exploit this vulnerability by sending crafted PacketCable Multimedia (PCMM) packets to an affected device.

Recommendations For versions 15.5(3)S and 15.6(1)S, update to a fixed release such as 15.5(3)S2, 15.6(1)S1, 15.6(2)S, 15.6(2)SP, or 16.4(1) to resolve the issue. As a temporary workaround, consider restricting access to the device to minimize the risk of exploitation.