Lucene search

[email protected]CVE-2017-17310

HistoryApr 19, 2018 - 2:29 p.m.

CVE-2017-17310

2018-04-1914:29:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2017-17310

enum module

huawei

dp300

rp200

te30

te40

te50

te60

v500r002c00

v600r006c00

v100r001c10

buffer error

vulnerability

nvd

security

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

58.9%

JSON

Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.

CPENameOperatorVersion
huawei:dp300_firmwarehuawei dp300 firmwareeqv500r002c00spcb00
huawei:rp200_firmwarehuawei rp200 firmwareeqv600r006c00
huawei:te30_firmwarehuawei te30 firmwareeqv100r001c10
huawei:te30_firmwarehuawei te30 firmwareeqv500r002c00
huawei:te30_firmwarehuawei te30 firmwareeqv600r006c00
huawei:te40_firmwarehuawei te40 firmwareeqv500r002c00
huawei:te40_firmwarehuawei te40 firmwareeqv600r006c00
huawei:te50_firmwarehuawei te50 firmwareeqv500r002c00
huawei:te50_firmwarehuawei te50 firmwareeqv600r006c00
huawei:te60_firmwarehuawei te60 firmwareeqv100r001c10

CPE	Name	Operator	Version
huawei:dp300_firmware	huawei dp300 firmware	eq	v500r002c00spcb00
huawei:rp200_firmware	huawei rp200 firmware	eq	v600r006c00
huawei:te30_firmware	huawei te30 firmware	eq	v100r001c10
huawei:te30_firmware	huawei te30 firmware	eq	v500r002c00
huawei:te30_firmware	huawei te30 firmware	eq	v600r006c00
huawei:te40_firmware	huawei te40 firmware	eq	v500r002c00
huawei:te40_firmware	huawei te40 firmware	eq	v600r006c00
huawei:te50_firmware	huawei te50 firmware	eq	v500r002c00
huawei:te50_firmware	huawei te50 firmware	eq	v600r006c00
huawei:te60_firmware	huawei te60 firmware	eq	v100r001c10

Rows per page:

1-10 of 121

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.6 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

58.9%

JSON

Related for CVE-2017-17310

huawei1 cvelist1 prion1