← Back

CVE-2017-15314

nvd nist
Published: Mar 9, 2018Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

Affected (26)

Huawei
6 products
Dp300 Firmware
Rp200 Firmware
Te30 Firmware
Te40 Firmware
Te50 Firmware
Te60 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dp300 Firmware
Version v500r002c00
Running on/withPlatform Versions
Huawei
Dp300
All versions
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Rp200 Firmware
Version v500r002c00spc200
Rp200 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Rp200
All versions
Configuration C
11 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te30 Firmware
Version v100r001c10spc300
Te30 Firmware
Version v100r001c10spc500
Te30 Firmware
Version v100r001c10spc600
Te30 Firmware
Version v100r001c10spc700
Te30 Firmware
Version v500r002c00spc200
Te30 Firmware
Version v500r002c00spc500
Te30 Firmware
Version v500r002c00spc600
Te30 Firmware
Version v500r002c00spc700
Te30 Firmware
Version v500r002c00spc900
Te30 Firmware
Version v500r002c00spcb00
Te30 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te30
All versions
Configuration D
5 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te40 Firmware
Version v500r002c00spc600
Te40 Firmware
Version v500r002c00spc700
Te40 Firmware
Version v500r002c00spc900
Te40 Firmware
Version v500r002c00spcb00
Te40 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te40
All versions
Configuration E
4 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te50 Firmware
Version v500r002c00spc600
Te50 Firmware
Version v500r002c00spc700
Te50 Firmware
Version v500r002c00spcb00
Te50 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te50
All versions
Configuration F
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te60 Firmware
Version v100r001c10
Te60 Firmware
Version v500r002c00
Te60 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te60
All versions

Related CWEs

CWE-772
Missing Release of Resource after Effective Lifetime
The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

References (2)

Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.