Huawei Technologies: HUAWEI-SA-20171227-01-H323
Dec 27, 2017 - 12:00 a.m.

Security Advisory - Several Vulnerabilities in H323 Protocol of Huawei Products

2017-12-27 00:00:00
Huawei Technologies
www.huawei.com

CVSS2: 5 Medium
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3: 7.5 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.002 Low
Percentile: 60.0%

There are three null pointer dereference vulnerabilities in the H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send them to the affected products. Because the packets are insufficiently validated, this could be exploited to cause a process crash. (Vulnerability IDs: HWPSIRT-2017-06286, HWPSIRT-2017-06299 and HWPSIRT-2017-06300)

The three vulnerabilities have been assigned three Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-17251, CVE-2017-17254 and CVE-2017-17255.

There are two out-of-bounds read vulnerabilities in the H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets with specific parameters and send them to the affected products. Because the packets are insufficiently validated, this could be exploited to cause a process crash. (Vulnerability IDs: HWPSIRT-2017-06297 and HWPSIRT-2017-06298)

The two vulnerabilities have been assigned two Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-17252 and CVE-2017-17253.

There are several memory leak vulnerabilities in the H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send them to the affected products. Because the packets are insufficiently verified, a successful exploit could cause a memory leak and an eventual denial of service (DoS) condition. (Vulnerability IDs: HWPSIRT-2017-06301 and HWPSIRT-2017-06302)

The two vulnerabilities have been assigned two Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-17256 and CVE-2017-17257.

There is a resource management vulnerability in the H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send them to the affected products in the case of a memory allocation failure. Because the packets are insufficiently validated, this could be exploited to cause a process crash. (Vulnerability ID: HWPSIRT-2017-06303)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17258.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en

Affected configurations

Vendor: huawei. Each line gives a product followed by its affected versions.

ar120-s: V200R006C10, V200R007C00, V200R008C20, V200R008C30
ar1200: V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30
ar1200-s: V200R006C10, V200R007C00, V200R008C20, V200R008C30
ar150: V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30
ar150-s: V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30
ar160: V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30
ar200: V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30
ar200-s: V200R006C10, V200R007C00, V200R008C20, V200R008C30
ar2200: V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30
ar2200-s: V200R006C10, V200R007C00, V200R008C20, V200R008C30
ar3200: V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30
ar3600: V200R006C10, V200R007C00, V200R007C01, V200R008C20
ar510: V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30
dp300: V500R002C00
ips_module: V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50
ngfw_module: V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10
nip6300: V500R001C00, V500R001C20, V500R001C30, V500R001C50
nip6600: V500R001C00, V500R001C20, V500R001C30, V500R001C50
nip6800: V500R001C50
netengine16ex: V200R006C10, V200R007C00, V200R008C20, V200R008C30
rse6500: V500R002C00
srg1300: V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30
srg2300: V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30
srg3300: V200R006C10, V200R007C00, V200R008C20, V200R008C30
svn5600: V200R003C00, V200R003C10
svn5800: V200R003C00, V200R003C10
svn5800-c: V200R003C00, V200R003C10
semg9811: V300R001C01
secospace_usg6300: V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50
secospace_usg6500: V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50
secospace_usg6600: V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60
te30: V100R001C02, V100R001C10, V500R002C00, V600R006C00
te40: V500R002C00, V600R006C00
te50: V500R002C00, V600R006C00
te60: V100R001C01, V100R001C10, V500R002C00, V600R006C00
tp3106: V100R002C00
tp3206: V100R002C00, V100R002C10
usg6000v: V500R001C20
usg9500: V500R001C00, V500R001C20, V500R001C30, V500R001C50
usg9520: V300R001C01, V300R001C20
usg9560: V300R001C01, V300R001C20
usg9580: V300R001C01, V300R001C20
vp9660: V500R002C00, V500R002C10
viewpoint_8660: V100R008C03
viewpoint_9030: V100R011C02
