CVE-2017-3825

Name of the Vulnerable Software and Affected Versions Cisco TelePresence Collaboration Endpoint (CE) Software versions CE8.1.1 through CE8.3.1

Description A vulnerability in the ICMP ingress packet processing could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service (DoS) condition. This is due to incomplete input validation for the size of a received ICMP packet. An attacker could exploit this by sending a crafted ICMP packet to the local IP address of the targeted endpoint, potentially causing calls to be dropped. The vulnerability affects either IPv4 or IPv6 ICMP traffic.

Recommendations For versions CE8.1.1 through CE8.3.1, update to a fixed software release to resolve the issue.