Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-2722

DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.

Published

2017-11-22T19:29:01.427

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 8.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	dp300_firmware	v500r002c00	Yes
Hardware	huawei	dp300	-	No
Operating System	huawei	te60_firmware	v100r001c01	Yes
Operating System	huawei	te60_firmware	v100r001c10	Yes
Operating System	huawei	te60_firmware	v100r003c00	Yes
Operating System	huawei	te60_firmware	v500r002c00	Yes
Operating System	huawei	te60_firmware	v600r006c00	Yes
Hardware	huawei	te60	-	No
Operating System	huawei	tp3106_firmware	v100r001c06	Yes
Operating System	huawei	tp3106_firmware	v100r002c00	Yes
Hardware	huawei	tp3106	-	No
Operating System	huawei	viewpoint_9030_firmware	v100r011c02	Yes
Operating System	huawei	viewpoint_9030_firmware	v100r011c03	Yes
Hardware	huawei	viewpoint_9030	-	No
Operating System	huawei	ecns210_td_firmware	v100r004c10	Yes
Hardware	huawei	ecns210_td	-	No
Operating System	huawei	espace_7950_firmware	v200r003c00	Yes
Operating System	huawei	espace_7950_firmware	v200r003c30	Yes
Hardware	huawei	espace_7950	-	No
Operating System	huawei	espace_iad_firmware	v300r001c07spca00	Yes
Operating System	huawei	espace_iad_firmware	v300r002c01spcb00	Yes
Hardware	huawei	espace_iad	-	No
Operating System	huawei	espace_u1981_firmware	v100r001c20	Yes
Operating System	huawei	espace_u1981_firmware	v100r001c30	Yes
Operating System	huawei	espace_u1981_firmware	v200r003c00	Yes
Operating System	huawei	espace_u1981_firmware	v200r003c20	Yes
Operating System	huawei	espace_u1981_firmware	v200r003c30	Yes
Hardware	huawei	espace_u1981	-	No

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en Issue Tracking, Vendor Advisory ([email protected])
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en Issue Tracking, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)