CVE-2017-12219

Name of the Vulnerable Software and Affected Versions Cisco Small Business SPA300, SPA500, and SPA51x Series IP Phones (affected versions not specified)

Description A vulnerability in the handling of IP fragments could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This issue is due to the inability to handle many large IP fragments for reassembly in a short duration. An attacker could exploit this by sending a crafted stream of IP fragments to the targeted device, allowing the attacker to cause a DoS condition when the device unexpectedly reloads.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.