CVE-2017-3826

Name of the Vulnerable Software and Affected Versions Cisco NetFlow Generation Appliance versions prior to 1.1(1a)

Description A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, resulting in a denial of service (DoS) condition. This issue is due to incomplete validation of SCTP packets being monitored on the NGA data ports. An attacker could exploit this by sending malformed SCTP packets on a network monitored by an NGA data port. The vulnerability does not affect SCTP packets addressed to the IP address of the NGA itself. Exploitation could cause the appliance to become unresponsive or reload, leading to a DoS condition, and may require user interaction to recover the device.

Recommendations For versions prior to 1.1(1a), update the software to version 1.1(1a) or later to resolve the issue. As a temporary workaround, consider restricting access to the NGA data ports to minimize the risk of exploitation.