Lucene search

Huawei TechnologiesHUAWEI-SA-20171206-01-SCTP

HistoryDec 06, 2017 - 12:00 a.m.

Security Advisory - Input Validation Vulnerability in Multiple Huawei Products

2017-12-0600:00:00

Huawei Technologies

www.huawei.com

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

62.2%

JSON

There is an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart. (Vulnerability ID: HWPSIRT-2017-01017)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15317.
Huawei has released software updates to fix this vulnerability.
This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en

Affected configurations

Vulners

Node

huaweiar120-s_firmwareMatchv200r006c10

huaweiar120-s_firmwareMatchv200r007c00

huaweiar120-s_firmwareMatchv200r008c20

huaweiar120-s_firmwareMatchv200r008c30

huaweiar1200_firmwareMatchv200r006c10

huaweiar1200_firmwareMatchv200r006c13

huaweiar1200_firmwareMatchv200r007c00

huaweiar1200_firmwareMatchv200r007c01

huaweiar1200_firmwareMatchv200r007c02

huaweiar1200_firmwareMatchv200r008c20

huaweiar1200_firmwareMatchv200r008c30

huaweiar1200-s_firmwareMatchv200r006c10

huaweiar1200-s_firmwareMatchv200r007c00

huaweiar1200-s_firmwareMatchv200r008c20

huaweiar1200-s_firmwareMatchv200r008c30

huaweiar150_firmwareMatchv200r006c10

huaweiar150_firmwareMatchv200r007c00

huaweiar150_firmwareMatchv200r007c01

huaweiar150_firmwareMatchv200r007c02

huaweiar150_firmwareMatchv200r008c20

huaweiar150_firmwareMatchv200r008c30

huaweiar150-s_firmwareMatchv200r006c10

huaweiar150-s_firmwareMatchv200r007c00

huaweiar150-s_firmwareMatchv200r008c20

huaweiar150-s_firmwareMatchv200r008c30

huaweiar160_firmwareMatchv200r006c10

huaweiar160_firmwareMatchv200r006c12

huaweiar160_firmwareMatchv200r007c00

huaweiar160_firmwareMatchv200r007c01

huaweiar160_firmwareMatchv200r007c02

huaweiar160_firmwareMatchv200r008c20

huaweiar160_firmwareMatchv200r008c30

huaweiar200_firmwareMatchv200r006c10

huaweiar200_firmwareMatchv200r007c00

huaweiar200_firmwareMatchv200r007c01

huaweiar200_firmwareMatchv200r008c20

huaweiar200_firmwareMatchv200r008c30

huaweiar200-s_firmwareMatchv200r006c10

huaweiar200-s_firmwareMatchv200r007c00

huaweiar200-s_firmwareMatchv200r008c20

huaweiar200-s_firmwareMatchv200r008c30

huaweiar2200_firmwareMatchv200r006c10

huaweiar2200_firmwareMatchv200r006c13

huaweiar2200_firmwareMatchv200r006c16

huaweiar2200_firmwareMatchv200r007c00

huaweiar2200_firmwareMatchv200r007c01

huaweiar2200_firmwareMatchv200r007c02

huaweiar2200_firmwareMatchv200r008c20

huaweiar2200_firmwareMatchv200r008c30

huaweiar2200-s_firmwareMatchv200r006c10

huaweiar2200-s_firmwareMatchv200r007c00

huaweiar2200-s_firmwareMatchv200r008c20

huaweiar2200-s_firmwareMatchv200r008c30

huaweiar3200_firmwareMatchv200r006c10

huaweiar3200_firmwareMatchv200r006c11

huaweiar3200_firmwareMatchv200r007c00

huaweiar3200_firmwareMatchv200r007c01

huaweiar3200_firmwareMatchv200r007c02

huaweiar3200_firmwareMatchv200r008c00

huaweiar3200_firmwareMatchv200r008c10

huaweiar3200_firmwareMatchv200r008c20

huaweiar3200_firmwareMatchv200r008c30

huaweiar510_firmwareMatchv200r006c10

huaweiar510_firmwareMatchv200r006c12

huaweiar510_firmwareMatchv200r006c13

huaweiar510_firmwareMatchv200r006c15

huaweiar510_firmwareMatchv200r006c16

huaweiar510_firmwareMatchv200r006c17

huaweiar510_firmwareMatchv200r007c00

huaweiar510_firmwareMatchv200r008c20

huaweiar510_firmwareMatchv200r008c30

huaweisrg1300_firmwareMatchv200r006c10

huaweisrg1300_firmwareMatchv200r007c00

huaweisrg1300_firmwareMatchv200r007c02

huaweisrg1300_firmwareMatchv200r008c20

huaweisrg1300_firmwareMatchv200r008c30

huaweisrg2300_firmwareMatchv200r006c10

huaweisrg2300_firmwareMatchv200r007c00

huaweisrg2300_firmwareMatchv200r007c02

huaweisrg2300_firmwareMatchv200r008c20

huaweisrg2300_firmwareMatchv200r008c30

huaweisrg3300_firmwareMatchv200r006c10

huaweisrg3300_firmwareMatchv200r007c00

huaweisrg3300_firmwareMatchv200r008c20

huaweisrg3300_firmwareMatchv200r008c30

VendorProductVersionCPE
huaweiar120-s_firmwarev200r006c10cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r007c00cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r008c20cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r008c30cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r006c10cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r006c13cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c00cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c01cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c02cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r008c20cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	ar120-s_firmware	v200r006c10	cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:::::::*
huawei	ar120-s_firmware	v200r007c00	cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:::::::*
huawei	ar120-s_firmware	v200r008c20	cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:::::::*
huawei	ar120-s_firmware	v200r008c30	cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:::::::*
huawei	ar1200_firmware	v200r006c10	cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:::::::*
huawei	ar1200_firmware	v200r006c13	cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:::::::*
huawei	ar1200_firmware	v200r007c00	cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:::::::*
huawei	ar1200_firmware	v200r007c01	cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:::::::*
huawei	ar1200_firmware	v200r007c02	cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:::::::*
huawei	ar1200_firmware	v200r008c20	cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:::::::*

Rows per page:

1-10 of 851

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.002

Percentile

62.2%

JSON

Related for HUAWEI-SA-20171206-01-SCTP