Lucene search

Huawei TechnologiesHUAWEI-SA-20171227-01-H323

HistoryDec 27, 2017 - 12:00 a.m.

Security Advisory - Several Vulnerabilities in H323 Protocol of Huawei Products

2017-12-2700:00:00

Huawei Technologies

www.huawei.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

60.0%

JSON

There are three null pointer dereference vulnerabilities in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash. (Vulnerability ID: HWPSIRT-2017-06286,HWPSIRT-2017-06299 and HWPSIRT-2017-06300)

The three vulnerabilities have been assigned three Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-17251, CVE-2017-17254 and CVE-2017-17255.

There are two out-of-bounds read vulnerabilities in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets with specific parameters and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash. (Vulnerability ID: HWPSIRT-2017-06297 and HWPSIRT-2017-06298)

The two vulnerabilities have been assigned two Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-17252 and CVE-2017-17253.

There are several memory leak vulnerabilities in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2017-06301 and HWPSIRT-2017-06302)

The two vulnerabilities have been assigned two Common Vulnerabilities and Exposures (CVE) IDs: CVE-2017-17256 and CVE-2017-17257.

There is a resource management vulnerability in H323 protocol of Huawei products. An unauthenticated, remote attacker could craft malformed packets and send the packets to the affected products in the case of failure to apply for memory. Due to insufficient validation of packets, which could be exploited to cause process crash. (Vulnerability ID: HWPSIRT-2017-06303)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17258.

Huawei has released software updates to fix these vulnerabilities. This advisory is available at the following link:

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en

Affected configurations

Vulners

Node

huaweiar120-sMatchV200R006C10

huaweiar120-sMatchV200R007C00

huaweiar120-sMatchV200R008C20

huaweiar120-sMatchV200R008C30

huaweiar1200MatchV200R006C10

huaweiar1200MatchV200R006C13

huaweiar1200MatchV200R007C00

huaweiar1200MatchV200R007C01

huaweiar1200MatchV200R007C02

huaweiar1200MatchV200R008C20

huaweiar1200MatchV200R008C30

huaweiar1200-sMatchV200R006C10

huaweiar1200-sMatchV200R007C00

huaweiar1200-sMatchV200R008C20

huaweiar1200-sMatchV200R008C30

huaweiar150MatchV200R006C10

huaweiar150MatchV200R007C00

huaweiar150MatchV200R007C01

huaweiar150MatchV200R007C02

huaweiar150MatchV200R008C20

huaweiar150MatchV200R008C30

huaweiar150-sMatchV200R006C10SPC300

huaweiar150-sMatchV200R007C00

huaweiar150-sMatchV200R008C20

huaweiar150-sMatchV200R008C30

huaweiar160MatchV200R006C10

huaweiar160MatchV200R006C12

huaweiar160MatchV200R007C00

huaweiar160MatchV200R007C01

huaweiar160MatchV200R007C02

huaweiar160MatchV200R008C20

huaweiar160MatchV200R008C30

huaweiar200MatchV200R006C10

huaweiar200MatchV200R007C00

huaweiar200MatchV200R007C01

huaweiar200MatchV200R008C20

huaweiar200MatchV200R008C30

huaweiar200-sMatchV200R006C10

huaweiar200-sMatchV200R007C00

huaweiar200-sMatchV200R008C20

huaweiar200-sMatchV200R008C30

huaweiar2200MatchV200R006C10

huaweiar2200MatchV200R006C13

huaweiar2200MatchV200R006C16PWE

huaweiar2200MatchV200R007C00

huaweiar2200MatchV200R007C01

huaweiar2200MatchV200R007C02

huaweiar2200MatchV200R008C20

huaweiar2200MatchV200R008C30

huaweiar2200-sMatchV200R006C10

huaweiar2200-sMatchV200R007C00

huaweiar2200-sMatchV200R008C20

huaweiar2200-sMatchV200R008C30

huaweiar3200MatchV200R006C10

huaweiar3200MatchV200R006C11

huaweiar3200MatchV200R007C00

huaweiar3200MatchV200R007C01

huaweiar3200MatchV200R007C02

huaweiar3200MatchV200R008C00

huaweiar3200MatchV200R008C10

huaweiar3200MatchV200R008C20

huaweiar3200MatchV200R008C30

huaweiar3600MatchV200R006C10

huaweiar3600MatchV200R007C00

huaweiar3600MatchV200R007C01

huaweiar3600MatchV200R008C20

huaweiar510MatchV200R006C10

huaweiar510MatchV200R006C12

huaweiar510MatchV200R006C13

huaweiar510MatchV200R006C15

huaweiar510MatchV200R006C16

huaweiar510MatchV200R006C17

huaweiar510MatchV200R007C00SPC180T

huaweiar510MatchV200R008C20

huaweiar510MatchV200R008C30

huaweidp300MatchV500R002C00

huaweiips_moduleMatchV100R001C10SPC200

huaweiips_moduleMatchV100R001C20

huaweiips_moduleMatchV100R001C30

huaweiips_moduleMatchV500R001C00

huaweiips_moduleMatchV500R001C20

huaweiips_moduleMatchV500R001C30

huaweiips_moduleMatchV500R001C50

huaweingfw_moduleMatchV100R001C10SPC200

huaweingfw_moduleMatchV100R001C20

huaweingfw_moduleMatchV100R001C30

huaweingfw_moduleMatchV500R001C00

huaweingfw_moduleMatchV500R001C20

huaweingfw_moduleMatchV500R002C00

huaweingfw_moduleMatchV500R002C10

huaweinip6300MatchV500R001C00

huaweinip6300MatchV500R001C20

huaweinip6300MatchV500R001C30

huaweinip6300MatchV500R001C50

huaweinip6600MatchV500R001C00

huaweinip6600MatchV500R001C20

huaweinip6600MatchV500R001C30

huaweinip6600MatchV500R001C50

huaweinip6800MatchV500R001C50

huaweinetengine16exMatchV200R006C10

huaweinetengine16exMatchV200R007C00

huaweinetengine16exMatchV200R008C20

huaweinetengine16exMatchV200R008C30

huaweirse6500MatchV500R002C00

huaweisrg1300MatchV200R006C10

huaweisrg1300MatchV200R007C00

huaweisrg1300MatchV200R007C02

huaweisrg1300MatchV200R008C20

huaweisrg1300MatchV200R008C30

huaweisrg2300MatchV200R006C10

huaweisrg2300MatchV200R007C00

huaweisrg2300MatchV200R007C02

huaweisrg2300MatchV200R008C20

huaweisrg2300MatchV200R008C30

huaweisrg3300MatchV200R006C10

huaweisrg3300MatchV200R007C00

huaweisrg3300MatchV200R008C20

huaweisrg3300MatchV200R008C30

huaweisvn5600MatchV200R003C00

huaweisvn5600MatchV200R003C10

huaweisvn5800MatchV200R003C00

huaweisvn5800MatchV200R003C10

huaweisvn5800-cMatchV200R003C00

huaweisvn5800-cMatchV200R003C10

huaweisemg9811MatchV300R001C01

huaweisecospace_usg6300MatchV100R001C10

huaweisecospace_usg6300MatchV100R001C20

huaweisecospace_usg6300MatchV100R001C30

huaweisecospace_usg6300MatchV500R001C00

huaweisecospace_usg6300MatchV500R001C20

huaweisecospace_usg6300MatchV500R001C30

huaweisecospace_usg6300MatchV500R001C50

huaweisecospace_usg6500MatchV100R001C10

huaweisecospace_usg6500MatchV100R001C20

huaweisecospace_usg6500MatchV100R001C30

huaweisecospace_usg6500MatchV500R001C00

huaweisecospace_usg6500MatchV500R001C20

huaweisecospace_usg6500MatchV500R001C30

huaweisecospace_usg6500MatchV500R001C50

huaweisecospace_usg6600MatchV100R001C00SPC200

huaweisecospace_usg6600MatchV100R001C10

huaweisecospace_usg6600MatchV100R001C20

huaweisecospace_usg6600MatchV100R001C30

huaweisecospace_usg6600MatchV500R001C00

huaweisecospace_usg6600MatchV500R001C20

huaweisecospace_usg6600MatchV500R001C30

huaweisecospace_usg6600MatchV500R001C50

huaweisecospace_usg6600MatchV500R001C60

huaweite30MatchV100R001C02

huaweite30MatchV100R001C10

huaweite30MatchV500R002C00

huaweite30MatchV600R006C00

huaweite40MatchV500R002C00

huaweite40MatchV600R006C00

huaweite50MatchV500R002C00

huaweite50MatchV600R006C00

huaweite60MatchV100R001C01

huaweite60MatchV100R001C10

huaweite60MatchV500R002C00

huaweite60MatchV600R006C00

huaweitp3106MatchV100R002C00

huaweitp3206MatchV100R002C00

huaweitp3206MatchV100R002C10

huaweiusg6000vMatchV500R001C20

huaweiusg9500MatchV500R001C00

huaweiusg9500MatchV500R001C20

huaweiusg9500MatchV500R001C30

huaweiusg9500MatchV500R001C50

huaweiusg9520MatchV300R001C01

huaweiusg9520MatchV300R001C20

huaweiusg9560MatchV300R001C01

huaweiusg9560MatchV300R001C20

huaweiusg9580MatchV300R001C01

huaweiusg9580MatchV300R001C20

huaweivp9660MatchV500R002C00

huaweivp9660MatchV500R002C10

huaweiviewpoint_8660MatchV100R008C03

huaweiviewpoint_9030MatchV100R011C02

CPENameOperatorVersion
ar120-seqV200R006C10
ar120-seqV200R007C00
ar120-seqV200R008C20
ar120-seqV200R008C30
ar1200eqV200R006C10
ar1200eqV200R006C13
ar1200eqV200R007C00
ar1200eqV200R007C01
ar1200eqV200R007C02
ar1200eqV200R008C20

Name	Operator	Version
ar120-s	eq	V200R006C10
ar120-s	eq	V200R007C00
ar120-s	eq	V200R008C20
ar120-s	eq	V200R008C30
ar1200	eq	V200R006C10
ar1200	eq	V200R006C13
ar1200	eq	V200R007C00
ar1200	eq	V200R007C01
ar1200	eq	V200R007C02
ar1200	eq	V200R008C20

Rows per page:

1-10 of 1781

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

60.0%

JSON

Related for HUAWEI-SA-20171227-01-H323