CVE-2017-2690

Published: Nov 22, 2017Modified: May 13, 2026

5.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition.

Affected (14)

Products: Huawei: Softco Firmware, Espace U1910 Firmware, Espace U1911 Firmware, Espace U1930 Firmware, Espace U1960 Firmware, Espace U1980 Firmware, Espace U1981 Firmware

Huawei

7 products

Softco Firmware

Espace U1910 Firmware

Espace U1911 Firmware

Espace U1930 Firmware

Espace U1960 Firmware

Espace U1980 Firmware

Espace U1981 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Softco Firmware	Version v200r003c20

Running on/with	Platform Versions
Huawei Softco	All versions

Configuration B

3 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Espace U1910 Firmware	Version v200r003c00
Huawei Espace U1910 Firmware	Version v200r003c20
Huawei Espace U1910 Firmware	Version v200r003c30

Running on/with	Platform Versions
Huawei Espace U1910	All versions

Configuration C

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Espace U1911 Firmware	Version v200r003c20
Huawei Espace U1911 Firmware	Version v200r003c30

Running on/with	Platform Versions
Huawei Espace U1911	All versions

Configuration D

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Espace U1930 Firmware	Version v200r003c20
Huawei Espace U1930 Firmware	Version v200r003c30

Running on/with	Platform Versions
Huawei Espace U1930	All versions

Configuration E

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Espace U1960 Firmware	Version v200r003c20
Huawei Espace U1960 Firmware	Version v200r003c30

Running on/with	Platform Versions
Huawei Espace U1960	All versions

Configuration F

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Espace U1980 Firmware	Version v200r003c20
Huawei Espace U1980 Firmware	Version v200r003c30

Running on/with	Platform Versions
Huawei Espace U1980	All versions

Configuration G

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Huawei Espace U1981 Firmware	Version v200r003c20
Huawei Espace U1981 Firmware	Version v200r003c30

Running on/with	Platform Versions
Huawei Espace U1981	All versions

Related CWEs

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (4)

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170111-01-parser-en

Source: psirt@huawei.com

Vendor Advisory

http://www.securityfocus.com/bid/95382

Source: psirt@huawei.com

Third Party AdvisoryVDB Entry

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170111-01-parser-en

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/95382

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

Timeline

No history available yet.