Cisco cBR Series Converged Broadband Routers List Headers Denial of Service Vulnerability

2017-02-0116:00:00

tools.cisco.com

EPSS

0.004

Percentile

72.2%

JSON

A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

The vulnerability is due to memory corruption. An attacker could exploit this vulnerability by sending crafted PacketCable Multimedia (PCMM) packets to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbr [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbr”]

Affected configurations

Vulners

Node

ciscocisco_iosMatch3.16xe

ciscocisco_iosMatch3.17xe

ciscocisco_iosMatchanyxe

VendorProductVersionCPE
ciscocisco_ios3.16cpe:2.3:o:cisco:cisco_ios:3.16:xe:*:*:*:*:*:*
ciscocisco_ios3.17cpe:2.3:o:cisco:cisco_ios:3.17:xe:*:*:*:*:*:*
ciscocisco_iosanycpe:2.3:o:cisco:cisco_ios:any:xe:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	cisco_ios	3.16	cpe:2.3:o:cisco:cisco_ios:3.16:xe::::::
cisco	cisco_ios	3.17	cpe:2.3:o:cisco:cisco_ios:3.17:xe::::::
cisco	cisco_ios	any	cpe:2.3:o:cisco:cisco_ios:any:xe::::::

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbr

EPSS

0.004

Percentile

72.2%

JSON

Related for CISCO-SA-20170201-CBR