Lucene search

Huawei TechnologiesHUAWEI-SA-20171018-01-H323

HistoryOct 18, 2017 - 12:00 a.m.

Security Advisory - Two Vulnerabilities in Some Huawei Products

2017-10-1800:00:00

Huawei Technologies

www.huawei.com

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

49.8%

JSON

There is a DoS vulnerability in some Huawei products. Due to incorrect malformed message processing logic, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause stack overflow and make a service unavailable. (Vulnerability ID: HWPSIRT-2017-04159)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-8162.

There is an out-of-bounds read vulnerability in some Huawei products. Due to insufficient input validation, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause out-of-bounds read and system crash. (Vulnerability ID: HWPSIRT-2017-04160)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-8163.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-h323-en

Affected configurations

Vulners

Node

huaweiar120Matchv200r006c10

huaweiar120Matchv200r007c00

huaweiar120Matchv200r008c20

huaweiar120Matchv200r008c30

huaweiar1200Matchv200r006c10

huaweiar1200Matchv200r006c13

huaweiar1200Matchv200r007c00

huaweiar1200Matchv200r007c01

huaweiar1200Matchv200r007c02

huaweiar1200Matchv200r008c20

huaweiar1200Matchv200r008c30

huaweiar1200Matchv200r006c10

huaweiar1200Matchv200r007c00

huaweiar1200Matchv200r008c20

huaweiar1200Matchv200r008c30

huaweiar150Matchv200r006c10

huaweiar150Matchv200r007c00

huaweiar150Matchv200r007c01

huaweiar150Matchv200r007c02

huaweiar150Matchv200r008c20

huaweiar150Matchv200r008c30

huaweiar150Matchv200r006c10

huaweiar150Matchv200r007c00

huaweiar150Matchv200r008c20

huaweiar150Matchv200r008c30

huaweiar160Matchv200r006c10

huaweiar160Matchv200r006c12

huaweiar160Matchv200r007c00

huaweiar160Matchv200r007c01

huaweiar160Matchv200r007c02

huaweiar160Matchv200r008c20

huaweiar160Matchv200r008c30

huaweiar200Matchv200r006c10

huaweiar200Matchv200r007c00

huaweiar200Matchv200r007c01

huaweiar200Matchv200r008c20

huaweiar200Matchv200r008c30

huaweiar200Matchv200r006c10

huaweiar200Matchv200r007c00

huaweiar200Matchv200r008c20

huaweiar200Matchv200r008c30

huaweiar2200Matchv200r006c10

huaweiar2200Matchv200r006c13

huaweiar2200Matchv200r006c16pwe

huaweiar2200Matchv200r007c00

huaweiar2200Matchv200r007c01

huaweiar2200Matchv200r007c02

huaweiar2200Matchv200r008c20

huaweiar2200Matchv200r008c30

huaweiar2200Matchv200r006c10

huaweiar2200Matchv200r007c00

huaweiar2200Matchv200r008c20

huaweiar2200Matchv200r008c30

huaweiar3200Matchv200r006c10

huaweiar3200Matchv200r006c11

huaweiar3200Matchv200r007c00

huaweiar3200Matchv200r007c01

huaweiar3200Matchv200r007c02

huaweiar3200Matchv200r008c00

huaweiar3200Matchv200r008c10

huaweiar3200Matchv200r008c20

huaweiar3200Matchv200r008c30

huaweiar510Matchv200r006c10

huaweiar510Matchv200r006c12

huaweiar510Matchv200r006c13

huaweiar510Matchv200r006c15

huaweiar510Matchv200r006c16

huaweiar510Matchv200r006c17

huaweiar510Matchv200r007c00

huaweiar510Matchv200r008c20

huaweiar510Matchv200r008c30

huaweidp300Matchv500r002c00

huaweiips_moduleMatchv100r001c10

huaweiips_moduleMatchv100r001c20

huaweiips_moduleMatchv100r001c30

huaweiips_moduleMatchv500r001c00

huaweiips_moduleMatchv500r001c20

huaweiips_moduleMatchv500r001c30

huaweiips_moduleMatchv500r001c50

huaweingfw_moduleMatchv100r001c10

huaweingfw_moduleMatchv100r001c20

huaweingfw_moduleMatchv100r001c30

huaweingfw_moduleMatchv500r001c00

huaweingfw_moduleMatchv500r001c20

huaweingfw_moduleMatchv500r002c00

huaweingfw_moduleMatchv500r002c10

huaweinip6300Matchv500r001c00

huaweinip6300Matchv500r001c20

huaweinip6300Matchv500r001c30

huaweinip6300Matchv500r001c50

huaweinip6600Matchv500r001c00

huaweinip6600Matchv500r001c20

huaweinip6600Matchv500r001c30

huaweinip6600Matchv500r001c50

huaweinip6800Matchv500r001c50

huaweinetengine16exMatchv200r006c10

huaweinetengine16exMatchv200r007c00

huaweinetengine16exMatchv200r008c20

huaweinetengine16exMatchv200r008c30

huaweirp200\[1\]Matchv500r002c00

huaweirp200\[1\]Matchv600r006c00

huaweirse6500Matchv500r002c00

huaweismc2.0Matchv100r003c10

huaweismc2.0Matchv100r005c00

huaweismc2.0Matchv500r002c00

huaweismc2.0Matchv600r006c00

huaweisrg1300Matchv200r006c10

huaweisrg1300Matchv200r007c00

huaweisrg1300Matchv200r007c02

huaweisrg1300Matchv200r008c20

huaweisrg1300Matchv200r008c30

huaweisrg2300Matchv200r006c10

huaweisrg2300Matchv200r007c00

huaweisrg2300Matchv200r007c02

huaweisrg2300Matchv200r008c20

huaweisrg2300Matchv200r008c30

huaweisrg3300Matchv200r006c10

huaweisrg3300Matchv200r007c00

huaweisrg3300Matchv200r008c20

huaweisrg3300Matchv200r008c30

huaweisemg9811Matchv300r001c01

huaweisecospace_usg6300Matchv100r001c10

huaweisecospace_usg6300Matchv100r001c20

huaweisecospace_usg6300Matchv100r001c30

huaweisecospace_usg6300Matchv500r001c00

huaweisecospace_usg6300Matchv500r001c20

huaweisecospace_usg6300Matchv500r001c30

huaweisecospace_usg6300Matchv500r001c50

huaweisecospace_usg6500Matchv100r001c10

huaweisecospace_usg6500Matchv100r001c20

huaweisecospace_usg6500Matchv100r001c30

huaweisecospace_usg6500Matchv500r001c00

huaweisecospace_usg6500Matchv500r001c20

huaweisecospace_usg6500Matchv500r001c30

huaweisecospace_usg6500Matchv500r001c50

huaweisecospace_usg6600Matchv100r001c00

huaweisecospace_usg6600Matchv100r001c10

huaweisecospace_usg6600Matchv100r001c20

huaweisecospace_usg6600Matchv100r001c30

huaweisecospace_usg6600Matchv500r001c00

huaweisecospace_usg6600Matchv500r001c20

huaweisecospace_usg6600Matchv500r001c30

huaweisecospace_usg6600Matchv500r001c50

huaweite30\[2\]Matchv100r001c02

huaweite30\[2\]Matchv100r001c10

huaweite30\[2\]Matchv500r002c00

huaweite30\[2\]Matchv600r006c00

huaweite40\[3\]Matchv500r002c00

huaweite40\[3\]Matchv600r006c00

huaweite50\[4\]Matchv500r002c00

huaweite50\[4\]Matchv600r006c00

huaweite60\[5\]Matchv100r001c01

huaweite60\[5\]Matchv100r001c10

huaweite60\[5\]Matchv500r002c00

huaweite60\[5\]Matchv600r006c00

huaweitp3106Matchv100r002c00

huaweitp3206Matchv100r002c00

huaweiusg9500Matchv500r001c00

huaweiusg9500Matchv500r001c20

huaweiusg9500Matchv500r001c30

huaweiusg9500Matchv500r001c50

huaweiviewpoint_9030Matchv100r011c02

huaweiviewpoint_9030Matchv100r011c03

CPENameOperatorVersion
ar120-seqV200R006C10
ar120-seqV200R007C00
ar120-seqV200R008C20
ar120-seqV200R008C30
ar1200eqV200R006C10
ar1200eqV200R006C13
ar1200eqV200R007C00
ar1200eqV200R007C01
ar1200eqV200R007C02
ar1200eqV200R008C20

Name	Operator	Version
ar120-s	eq	V200R006C10
ar120-s	eq	V200R007C00
ar120-s	eq	V200R008C20
ar120-s	eq	V200R008C30
ar1200	eq	V200R006C10
ar1200	eq	V200R006C13
ar1200	eq	V200R007C00
ar1200	eq	V200R007C01
ar1200	eq	V200R007C02
ar1200	eq	V200R008C20

Rows per page:

1-10 of 1631

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for HUAWEI-SA-20171018-01-H323