← Back

CVE-2017-17282

nvd nist
Published: Mar 9, 2018Modified: Nov 21, 2024

JSON object

Loading...
3.1
Vector
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 1.6 / Impact: 1.4
Source: NVD

Description

SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.

Affected (13)

Huawei
6 products
Dp300 Firmware
Rp200 Firmware
Te30 Firmware
Te40 Firmware
Te50 Firmware
Te60 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dp300 Firmware
Version v500r002c00
Running on/withPlatform Versions
Huawei
Dp300
All versions
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Rp200 Firmware
Version v500r002c00
Rp200 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Rp200
All versions
Configuration C
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te30 Firmware
Version v100r001c10
Te30 Firmware
Version v500r002c00
Te30 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te30
All versions
Configuration D
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te40 Firmware
Version v500r002c00
Te40 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te40
All versions
Configuration E
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te50 Firmware
Version v500r002c00
Te50 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te50
All versions
Configuration F
3 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Te60 Firmware
Version v100r001c10
Te60 Firmware
Version v500r002c00
Te60 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Te60
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.