Lucene search

[email protected]NVD:CVE-2017-15353

HistoryFeb 15, 2018 - 4:29 p.m.

CVE-2017-15353

2018-02-1516:29:01

CWE-125

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

3.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.1

Confidence

High

EPSS

0.001

Percentile

39.8%

JSON

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.

Affected configurations

Nvd

Node

huaweidp300_firmwareMatchv500r002c00

AND

huaweidp300Match-

Node

huaweirp200_firmwareMatchv500r002c00

huaweirp200_firmwareMatchv600r006c00

AND

huaweirp200Match-

Node

huaweirse6500_firmwareMatchv500r002c00

AND

huaweirse6500Match-

Node

huaweite30_firmwareMatchv100r001c02

huaweite30_firmwareMatchv100r001c10

huaweite30_firmwareMatchv500r002c00

huaweite30_firmwareMatchv600r006c00

AND

huaweite30Match-

Node

huaweite40_firmwareMatchv500r002c00

huaweite40_firmwareMatchv600r006c00

AND

huaweite40Match-

Node

huaweite50_firmwareMatchv500r002c00

huaweite50_firmwareMatchv600r006c00

AND

huaweite50Match-

Node

huaweite60_firmwareMatchv100r001c01

huaweite60_firmwareMatchv100r001c10

huaweite60_firmwareMatchv500r002c00

huaweite60_firmwareMatchv600r006c00

AND

huaweite60Match-

Node

huaweitx50_firmwareMatchv500r002c00

huaweitx50_firmwareMatchv600r006c00

AND

huaweitx50Match-

Node

huaweiviewpoint_8660_firmwareMatchv100r008c03

AND

huaweiviewpoint_8660Match-

Node

huaweivp9660_firmwareMatchv500r002c00

huaweivp9660_firmwareMatchv500r002c10

AND

huaweivp9660Match-

Node

huaweiviewpoint_9030_firmwareMatchv100r011c02

huaweiviewpoint_9030_firmwareMatchv100r011c03

AND

huaweiviewpoint_9030Match-

VendorProductVersionCPE
huaweidp300_firmwarev500r002c00cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
huaweidp300-cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*
huaweirp200_firmwarev500r002c00cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*
huaweirp200_firmwarev600r006c00cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*
huaweirp200-cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*
huaweirse6500_firmwarev500r002c00cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*
huaweirse6500-cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*
huaweite30_firmwarev100r001c02cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*
huaweite30_firmwarev100r001c10cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*
huaweite30_firmwarev500r002c00cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
huawei	dp300_firmware	v500r002c00	cpe:2.3:o:huawei:dp300_firmware:v500r002c00:::::::*
huawei	dp300	-	cpe:2.3:h:huawei:dp300:-:::::::*
huawei	rp200_firmware	v500r002c00	cpe:2.3:o:huawei:rp200_firmware:v500r002c00:::::::*
huawei	rp200_firmware	v600r006c00	cpe:2.3:o:huawei:rp200_firmware:v600r006c00:::::::*
huawei	rp200	-	cpe:2.3:h:huawei:rp200:-:::::::*
huawei	rse6500_firmware	v500r002c00	cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:::::::*
huawei	rse6500	-	cpe:2.3:h:huawei:rse6500:-:::::::*
huawei	te30_firmware	v100r001c02	cpe:2.3:o:huawei:te30_firmware:v100r001c02:::::::*
huawei	te30_firmware	v100r001c10	cpe:2.3:o:huawei:te30_firmware:v100r001c10:::::::*
huawei	te30_firmware	v500r002c00	cpe:2.3:o:huawei:te30_firmware:v500r002c00:::::::*

Rows per page:

1-10 of 341

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS3

3.7

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

4.1

Confidence

High

EPSS

0.001

Percentile

39.8%

JSON

Related for NVD:CVE-2017-15353

huawei1 cve1 cvelist1 prion1