7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
60.0%
Some Huawei products have a DoS vulnerability due to insufficient validation of the Network Quality Analysis(NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart. (Vulnerability ID: HWPSIRT-2017-09099)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15324.
Huawei has released software updates to fix this vulnerability.
This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en
CPE | Name | Operator | Version |
---|---|---|---|
s5700 | eq | V200R005C00SPC500 | |
s6700 | eq | V200R005C00SPC500 | |
usg9500 | eq | V500R001C50 | |
usg9500 | eq | V500R001C50PWE |
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
60.0%