CVE-2017-15353
3.7
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 2.2 / Impact: 1.4
Source: NVD
Description
Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.
Affected (23)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Dp300 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Rp200 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Rse6500 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r001c02 |
| Running on/with | Platform Versions |
|---|---|
Huawei Te30 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Te40 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Te50 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r001c01 |
| Running on/with | Platform Versions |
|---|---|
Huawei Te60 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Tx50 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r008c03 |
| Running on/with | Platform Versions |
|---|---|
Huawei Viewpoint 8660 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r002c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Vp9660 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r011c02 |
| Running on/with | Platform Versions |
|---|---|
Huawei Viewpoint 9030 | All versions |
References (2)
Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.