Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-2690

SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition.

Published

2017-11-22T19:29:00.257

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

6.9

Weaknesses

Type: Primary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	softco_firmware	v200r003c20	Yes
Hardware	huawei	softco	-	No
Operating System	huawei	espace_u1910_firmware	v200r003c00	Yes
Operating System	huawei	espace_u1910_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1910_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1910	-	No
Operating System	huawei	espace_u1911_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1911_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1911	-	No
Operating System	huawei	espace_u1930_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1930_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1930	-	No
Operating System	huawei	espace_u1960_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1960_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1960	-	No
Operating System	huawei	espace_u1980_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1980_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1980	-	No
Operating System	huawei	espace_u1981_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1981_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1981	-	No

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170111-01-parser-en Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/95382 Third Party Advisory, VDB Entry ([email protected])
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170111-01-parser-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/95382 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)