Lucene search

HuaweiCVE-2017-17143

HistoryMar 05, 2018 - 7:29 p.m.

CVE-2017-17143

2018-03-0519:29:00

CWE-119

huawei

web.nvd.nist.gov

cve-2017-17143

sip module

overflow vulnerability

huawei

dp300

rp200

rse6500

te30

te40

te50

te60

tp3106

tp3206

viewpoint 9030

espace u1960

espace u1981

random reboot

security issue

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

SIP module in Huawei DP300 V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; RSE6500 V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC300T; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00T; TE30 V100R001C10; V100R001C10SPC100; V100R001C10SPC200B010; V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V100R001C10SPC800; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; TE60 V100R001C01SPC100; V100R001C01SPC107TB010; V100R001C10; V100R001C10SPC300; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800; V100R001C10SPC900; V500R002C00; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300; TP3106 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C00SPC800; TP3206 V100R002C00; V100R002C00SPC200; V100R002C00SPC400; V100R002C00SPC600; V100R002C00SPC700; V100R002C10; ViewPoint 9030 V100R011C02SPC100; V100R011C03B012SP15; V100R011C03B012SP16; V100R011C03B015SP03; V100R011C03LGWL01SPC100; V100R011C03SPC100; V100R011C03SPC200; V100R011C03SPC300; V100R011C03SPC400; V100R011C03SPC500; eSpace U1960 V200R003C30SPC200; eSpace U1981 V100R001C20SPC700; V200R003C20SPCa00 has an overflow vulnerability that the module cannot parse a malformed SIP message when validating variables. Attacker can exploit it to make one process reboot at random.

Affected configurations

Nvd

Vulners

Node

huaweidp300_firmwareMatchv500r002c00

huaweidp300_firmwareMatchv500r002c00spc100

huaweidp300_firmwareMatchv500r002c00spc200

huaweidp300_firmwareMatchv500r002c00spc300

huaweidp300_firmwareMatchv500r002c00spc400

huaweidp300_firmwareMatchv500r002c00spc500

huaweidp300_firmwareMatchv500r002c00spc600

huaweidp300_firmwareMatchv500r002c00spc800

huaweidp300_firmwareMatchv500r002c00spc900

huaweidp300_firmwareMatchv500r002c00spca00

AND

huaweidp300Match-

Node

huaweirp200_firmwareMatchv500r002c00spc200

huaweirp200_firmwareMatchv600r006c00

huaweirp200_firmwareMatchv600r006c00spc200

AND

huaweirp200Match-

Node

huaweirse6500_firmwareMatchv500r002c00spc100

huaweirse6500_firmwareMatchv500r002c00spc200

huaweirse6500_firmwareMatchv500r002c00spc300

huaweirse6500_firmwareMatchv500r002c00spc300t

huaweirse6500_firmwareMatchv500r002c00spc500

huaweirse6500_firmwareMatchv500r002c00spc600

huaweirse6500_firmwareMatchv500r002c00spc700

huaweirse6500_firmwareMatchv500r002c00t

AND

huaweirse6500Match-

Node

huaweite30_firmwareMatchv100r001c10

huaweite30_firmwareMatchv100r001c10spc100

huaweite30_firmwareMatchv100r001c10spc200b010

huaweite30_firmwareMatchv100r001c10spc300

huaweite30_firmwareMatchv100r001c10spc500

huaweite30_firmwareMatchv100r001c10spc600

huaweite30_firmwareMatchv100r001c10spc700b010

huaweite30_firmwareMatchv100r001c10spc800

huaweite30_firmwareMatchv500r002c00spc200

huaweite30_firmwareMatchv500r002c00spc500

huaweite30_firmwareMatchv500r002c00spc600

huaweite30_firmwareMatchv500r002c00spc700

huaweite30_firmwareMatchv500r002c00spc900

huaweite30_firmwareMatchv500r002c00spcb00

huaweite30_firmwareMatchv600r006c00

AND

huaweite30Match-

Node

huaweite40_firmwareMatchv500r002c00spc600

huaweite40_firmwareMatchv500r002c00spc700

huaweite40_firmwareMatchv500r002c00spc900

huaweite40_firmwareMatchv500r002c00spcb00

huaweite40_firmwareMatchv600r006c00

huaweite40_firmwareMatchv600r006c00spc200

AND

huaweite40Match-

Node

huaweite50_firmwareMatchv500r002c00spc600

huaweite50_firmwareMatchv500r002c00spc700

huaweite50_firmwareMatchv500r002c00spcb00

huaweite50_firmwareMatchv600r006c00

huaweite50_firmwareMatchv600r006c00spc200

AND

huaweite50Match-

Node

huaweite60_firmwareMatchv100r001c01spc100

huaweite60_firmwareMatchv100r001c01spc107tb010

huaweite60_firmwareMatchv100r001c10

huaweite60_firmwareMatchv100r001c10spc300

huaweite60_firmwareMatchv100r001c10spc400

huaweite60_firmwareMatchv100r001c10spc500

huaweite60_firmwareMatchv100r001c10spc600

huaweite60_firmwareMatchv100r001c10spc700

huaweite60_firmwareMatchv100r001c10spc800

huaweite60_firmwareMatchv100r001c10spc900

huaweite60_firmwareMatchv500r002c00

huaweite60_firmwareMatchv500r002c00spc100

huaweite60_firmwareMatchv500r002c00spc200

huaweite60_firmwareMatchv500r002c00spc300

huaweite60_firmwareMatchv500r002c00spc600

huaweite60_firmwareMatchv500r002c00spc700

huaweite60_firmwareMatchv500r002c00spc800

huaweite60_firmwareMatchv500r002c00spc900

huaweite60_firmwareMatchv500r002c00spca00

huaweite60_firmwareMatchv500r002c00spcb00

huaweite60_firmwareMatchv500r002c00spcd00

huaweite60_firmwareMatchv600r006c00

huaweite60_firmwareMatchv600r006c00spc100

huaweite60_firmwareMatchv600r006c00spc200

huaweite60_firmwareMatchv600r006c00spc300

AND

huaweite60Match-

Node

huaweitp3106_firmwareMatchv100r002c00

huaweitp3106_firmwareMatchv100r002c00spc200

huaweitp3106_firmwareMatchv100r002c00spc400

huaweitp3106_firmwareMatchv100r002c00spc600

huaweitp3106_firmwareMatchv100r002c00spc700

huaweitp3106_firmwareMatchv100r002c00spc800

AND

huaweitp3106Match-

Node

huaweitp3206_firmwareMatchv100r002c00

huaweitp3206_firmwareMatchv100r002c00spc200

huaweitp3206_firmwareMatchv100r002c00spc400

huaweitp3206_firmwareMatchv100r002c00spc600

huaweitp3206_firmwareMatchv100r002c00spc700

huaweitp3206_firmwareMatchv100r002c10

AND

huaweitp3206Match-

Node

huaweiviewpoint_9030_firmwareMatchv100r011c02spc100

huaweiviewpoint_9030_firmwareMatchv100r011c03b012sp15

huaweiviewpoint_9030_firmwareMatchv100r011c03b012sp16

huaweiviewpoint_9030_firmwareMatchv100r011c03b015sp03

huaweiviewpoint_9030_firmwareMatchv100r011c03lgwl01spc100

huaweiviewpoint_9030_firmwareMatchv100r011c03spc100

huaweiviewpoint_9030_firmwareMatchv100r011c03spc200

huaweiviewpoint_9030_firmwareMatchv100r011c03spc300

huaweiviewpoint_9030_firmwareMatchv100r011c03spc400

huaweiviewpoint_9030_firmwareMatchv100r011c03spc500

AND

huaweiviewpoint_9030Match-

Node

huaweiespace_u1960_firmwareMatchv200r003c30spc200

AND

huaweiespace_u1960Match-

Node

huaweiespace_u1981_firmwareMatchv100r001c20spc700

huaweiespace_u1981_firmwareMatchv200r003c20spca00

AND

huaweiespace_u1981Match-

VendorProductVersionCPE
huaweidp300_firmwarev500r002c00cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc100cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc100:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc200cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc200:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc300cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc300:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc400cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc400:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc500cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc500:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc600cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc600:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc800cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc800:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spc900cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc900:*:*:*:*:*:*:*
huaweidp300_firmwarev500r002c00spca00cpe:2.3:o:huawei:dp300_firmware:v500r002c00spca00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	dp300_firmware	v500r002c00	cpe:2.3:o:huawei:dp300_firmware:v500r002c00:::::::*
huawei	dp300_firmware	v500r002c00spc100	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc100:::::::*
huawei	dp300_firmware	v500r002c00spc200	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc200:::::::*
huawei	dp300_firmware	v500r002c00spc300	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc300:::::::*
huawei	dp300_firmware	v500r002c00spc400	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc400:::::::*
huawei	dp300_firmware	v500r002c00spc500	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc500:::::::*
huawei	dp300_firmware	v500r002c00spc600	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc600:::::::*
huawei	dp300_firmware	v500r002c00spc800	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc800:::::::*
huawei	dp300_firmware	v500r002c00spc900	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spc900:::::::*
huawei	dp300_firmware	v500r002c00spca00	cpe:2.3:o:huawei:dp300_firmware:v500r002c00spca00:::::::*

Rows per page:

1-10 of 1091

CNA Affected

[
  {
    "product": "DP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; eSpace U1960; eSpace U1981",
    "vendor": "Huawei Technologies Co., Ltd.",
    "versions": [
      {
        "status": "affected",
        "version": "DP300 V500R002C00"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC100"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC200"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC300"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC400"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC500"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC600"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC800"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC900"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPCa00"
      },
      {
        "status": "affected",
        "version": "RP200 V500R002C00SPC200"
      },
      {
        "status": "affected",
        "version": "V600R006C00"
      },
      {
        "status": "affected",
        "version": "V600R006C00SPC200"
      },
      {
        "status": "affected",
        "version": "RSE6500 V500R002C00SPC100"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC300T"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPC700"
      },
      {
        "status": "affected",
        "version": "V500R002C00T"
      },
      {
        "status": "affected",
        "version": "TE30 V100R001C10"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC100"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC200B010"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC300"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC500"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC600"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC700B010"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC800"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPCb00"
      },
      {
        "status": "affected",
        "version": "TE40 V500R002C00SPC600"
      },
      {
        "status": "affected",
        "version": "TE50 V500R002C00SPC600"
      },
      {
        "status": "affected",
        "version": "TE60 V100R001C01SPC100"
      },
      {
        "status": "affected",
        "version": "V100R001C01SPC107TB010"
      },
      {
        "status": "affected",
        "version": "V100R001C10"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC400"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC700"
      },
      {
        "status": "affected",
        "version": "V100R001C10SPC900"
      },
      {
        "status": "affected",
        "version": "V500R002C00"
      },
      {
        "status": "affected",
        "version": "V500R002C00SPCd00"
      },
      {
        "status": "affected",
        "version": "V600R006C00SPC100"
      },
      {
        "status": "affected",
        "version": "V600R006C00SPC300"
      },
      {
        "status": "affected",
        "version": "TP3106 V100R002C00"
      },
      {
        "status": "affected",
        "version": "V100R002C00SPC200"
      },
      {
        "status": "affected",
        "version": "V100R002C00SPC400"
      },
      {
        "status": "affected",
        "version": "V100R002C00SPC600"
      },
      {
        "status": "affected",
        "version": "V100R002C00SPC700"
      },
      {
        "status": "affected",
        "version": "V100R002C00SPC800"
      },
      {
        "status": "affected",
        "version": "TP3206 V100R002C00"
      },
      {
        "status": "affected",
        "version": "V100R002C10"
      },
      {
        "status": "affected",
        "version": "ViewPoint 9030 V100R011C02SPC100"
      },
      {
        "status": "affected",
        "version": "V100R011C03B012SP15"
      },
      {
        "status": "affected",
        "version": "V100R011C03B012SP16"
      },
      {
        "status": "affected",
        "version": "V100R011C03B015SP03"
      },
      {
        "status": "affected",
        "version": "V100R011C03LGWL01SPC100"
      },
      {
        "status": "affected",
        "version": "V100R011C03SPC100"
      },
      {
        "status": "affected",
        "version": "V100R011C03SPC200"
      },
      {
        "status": "affected",
        "version": "V100R011C03SPC300"
      },
      {
        "status": "affected",
        "version": "V100R011C03SPC400"
      },
      {
        "status": "affected",
        "version": "V100R011C03SPC500"
      },
      {
        "status": "affected",
        "version": "eSpace U1960 V200R003C30SPC200"
      },
      {
        "status": "affected",
        "version": "eSpace U1981 V100R001C20SPC700"
      },
      {
        "status": "affected",
        "version": "V200R003C20SPCa00"
      }
    ]
  }
]

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sip-en

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

40.3%

JSON

Related for CVE-2017-17143