CVE-2017-3824

Name: CVE-2017-3824
Creator: NVD / NIST
Published: 2017-02-03T07:59:00.92+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.08%

Last modified Jun 17, 2026

CVE-2017-3824 is a vulnerability of currently unknown severity. A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco cBR-8 Converged Broadband Routers running vulnerable versions of Cisco IOS XE are affected. EPSS estimates a 2.08% chance of exploitation in the next 30 days.

Description

A vulnerability in the handling of list headers in Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco cBR-8 Converged Broadband Routers running vulnerable versions of Cisco IOS XE are affected. More Information: CSCux40637. Known Affected Releases: 15.5(3)S 15.6(1)S. Known Fixed Releases: 15.5(3)S2 15.6(1)S1 15.6(2)S 15.6(2)SP 16.4(1).

Metrics

EPSS Probability

2.08%

79.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Cisco	Ios Xe	3.16.0
Cisco	Ios Xe	3.16.1
Cisco	Ios Xe	3.17.0

References

http://www.securityfocus.com/bid/95937Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1037774
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbrVendor Advisory
http://www.securityfocus.com/bid/95937Third Party Advisory, VDB Entry
http://www.securitytracker.com/id/1037774
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170201-cbrVendor Advisory

Timeline

Published: Feb 3, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-3824?

How severe is CVE-2017-3824?

Severity scoring for CVE-2017-3824 is pending analysis. The EPSS model estimates a 2.08% probability of exploitation in the next 30 days.

How do I fix CVE-2017-3824?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-3824?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST