Lucene search

K
cve[email protected]CVE-2017-15324
HistoryDec 22, 2017 - 5:29 p.m.

CVE-2017-15324

2017-12-2217:29:13
CWE-20
web.nvd.nist.gov
25
huawei
s5700
s6700
v200r005c00
dos
vulnerability
nqa
packets
remote attacker
exploitation
restart
cve-2017-15324

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

60.0%

Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.

Affected configurations

NVD
Node
huaweis5700_firmwareMatchv200r005c00
AND
huaweis5700Match-
Node
huaweis6700_firmwareMatchv200r005c00
AND
huaweis6700Match-

CNA Affected

[
  {
    "product": "S12700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R006C00"
      },
      {
        "status": "affected",
        "version": "V200R007C00"
      },
      {
        "status": "affected",
        "version": "V200R007C01"
      },
      {
        "status": "affected",
        "version": "V200R007C20"
      },
      {
        "status": "affected",
        "version": "V200R008C00"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      }
    ]
  },
  {
    "product": "S1700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R006C10"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      }
    ]
  },
  {
    "product": "S2700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R006C00"
      },
      {
        "status": "affected",
        "version": "V200R006C10"
      },
      {
        "status": "affected",
        "version": "V200R007C00"
      },
      {
        "status": "affected",
        "version": "V200R008C00"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      },
      {
        "status": "affected",
        "version": "V200R011C00"
      }
    ]
  },
  {
    "product": "S5700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R005C00"
      },
      {
        "status": "affected",
        "version": "V200R006C00"
      },
      {
        "status": "affected",
        "version": "V200R007C00"
      },
      {
        "status": "affected",
        "version": "V200R008C00"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      },
      {
        "status": "affected",
        "version": "V200R011C00"
      }
    ]
  },
  {
    "product": "S6700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R005C00"
      },
      {
        "status": "affected",
        "version": "V200R008C00"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      }
    ]
  },
  {
    "product": "S7700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R006C00"
      },
      {
        "status": "affected",
        "version": "V200R007C00"
      },
      {
        "status": "affected",
        "version": "V200R008C00"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      }
    ]
  },
  {
    "product": "S9700",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "V200R006C00"
      },
      {
        "status": "affected",
        "version": "V200R007C00"
      },
      {
        "status": "affected",
        "version": "V200R007C01"
      },
      {
        "status": "affected",
        "version": "V200R008C00"
      },
      {
        "status": "affected",
        "version": "V200R009C00"
      },
      {
        "status": "affected",
        "version": "V200R010C00"
      }
    ]
  }
]

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

High

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.002 Low

EPSS

Percentile

60.0%

Related for CVE-2017-15324