Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-15323

Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).

Published

2018-03-09T21:29:00.567

Last Modified

2024-11-21T03:14:27.800

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

6.9

Weaknesses

Type: Primary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	dp300_firmware	v500r002c00	Yes
Hardware	huawei	dp300	-	No
Operating System	huawei	nip6600_firmware	v500r001c00	Yes
Operating System	huawei	nip6600_firmware	v500r001c20	Yes
Operating System	huawei	nip6600_firmware	v500r001c30	Yes
Hardware	huawei	nip6600	-	No
Operating System	huawei	secospace_usg6500_firmware	v500r001c00	Yes
Operating System	huawei	secospace_usg6500_firmware	v500r001c20	Yes
Operating System	huawei	secospace_usg6500_firmware	v500r001c30	Yes
Hardware	huawei	secospace_usg6500	-	No
Operating System	huawei	te60_firmware	v100r001c01	Yes
Operating System	huawei	te60_firmware	v100r001c10	Yes
Operating System	huawei	te60_firmware	v100r003c00	Yes
Operating System	huawei	te60_firmware	v500r002c00	Yes
Operating System	huawei	te60_firmware	v600r006c00	Yes
Hardware	huawei	te60	-	No
Operating System	huawei	tp3106_firmware	v100r001c06	Yes
Operating System	huawei	tp3106_firmware	v100r002c00	Yes
Hardware	huawei	tp3106	-	No
Operating System	huawei	vp9660_firmware	v200r001c02	Yes
Operating System	huawei	vp9660_firmware	v200r001c30	Yes
Operating System	huawei	vp9660_firmware	v500r002c00	Yes
Operating System	huawei	vp9660_firmware	v500r002c10	Yes
Hardware	huawei	vp9660	-	No
Operating System	huawei	viewpoint_8660_firmware	v100r008c03	Yes
Hardware	huawei	viewpoint_8660	-	No
Operating System	huawei	viewpoint_9030_firmware	v100r011c02	Yes
Operating System	huawei	viewpoint_9030_firmware	v100r011c03	Yes
Hardware	huawei	viewpoint_9030	-	No
Operating System	huawei	ecns210_td_firmware	v100r004c10	Yes
Hardware	huawei	ecns210_td	-	No
Operating System	huawei	espace_u1981_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1981	-	No

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-en Vendor Advisory ([email protected])
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)