Search criteria
195 vulnerabilities found for rp200_firmware by huawei
FKIE_CVE-2019-19413
Vulnerability from fkie_nvd - Published: 2020-01-21 23:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dbs3900_tdd_lte_firmware | v100r003c00 | |
| huawei | dbs3900_tdd_lte_firmware | v100r004c10 | |
| huawei | dbs3900_tdd_lte | - | |
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v500r002c00spc200 | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "403CCA52-CB4F-4ABC-B7CF-4FAD9E12E1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAB4847-06F9-4A7C-9CFD-99DC7635166E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03FCC014-251D-4BE8-A43E-01456A28AEEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC535D5-0C05-4695-976F-ACF447431A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de enteros en el cliente LDAP de algunos productos Huawei. Debido a una comprobaci\u00f3n de entrada insuficiente, un atacante remoto podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes malformados hacia los dispositivos de destino. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar el bloqueo del sistema afectado."
}
],
"id": "CVE-2019-19413",
"lastModified": "2024-11-21T04:34:43.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-21T23:15:13.270",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19414
Vulnerability from fkie_nvd - Published: 2020-01-21 23:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dbs3900_tdd_lte_firmware | v100r003c00 | |
| huawei | dbs3900_tdd_lte_firmware | v100r004c10 | |
| huawei | dbs3900_tdd_lte | - | |
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v500r002c00spc200 | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "403CCA52-CB4F-4ABC-B7CF-4FAD9E12E1CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:dbs3900_tdd_lte_firmware:v100r004c10:*:*:*:*:*:*:*",
"matchCriteriaId": "FFAB4847-06F9-4A7C-9CFD-99DC7635166E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dbs3900_tdd_lte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03FCC014-251D-4BE8-A43E-01456A28AEEC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC535D5-0C05-4695-976F-ACF447431A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de desbordamiento de enteros en el servidor LDAP de algunos productos Huawei. Debido a una comprobaci\u00f3n de entrada insuficiente, un atacante remoto podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de paquetes malformados hacia los dispositivos de destino. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar el bloqueo del sistema afectado."
}
],
"id": "CVE-2019-19414",
"lastModified": "2024-11-21T04:34:43.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-21T23:15:13.367",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17316
Vulnerability from fkie_nvd - Published: 2018-07-02 13:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v500r002c00 | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
},
{
"lang": "es",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tienen una vulnerabilidad de lectura fuera de l\u00edmites. Un atacante remoto no autenticado debe controlar el dispositivo peer y manipular los mensajes SCCP (Signalling Connection Control Part) a los dispositivos objetivo. Dada la validaci\u00f3n de entradas insuficiente de algunos valores en los mensajes, un exploit con \u00e9xito podr\u00eda provocar una lectura fuera de l\u00edmites y el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17316",
"lastModified": "2024-11-21T03:17:49.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-02T13:29:00.257",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17317
Vulnerability from fkie_nvd - Published: 2018-07-02 13:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v500r002c00 | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c02 | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c01 | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "686651A5-6F2F-4AF3-9B96-FF5905F2303A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6EACB9-6832-4B2A-9C5B-C1E2747D6359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
},
{
"lang": "es",
"value": "El m\u00f3dulo COPS (Common Open Policy Service Protocol) en dispositivos Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00 y V600R006C00 tiene una vulnerabilidad de desbordamiento de b\u00fafer. Un atacante remoto no autenticado debe controlar el dispositivo del mismo nivel y enviar mensajes especialmente manipulados a los productos afectados. Dada la validaci\u00f3n de entradas insuficiente, su explotaci\u00f3n con \u00e9xito podr\u00eda provocar el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17317",
"lastModified": "2024-11-21T03:17:49.513",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-07-02T13:29:00.317",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17315
Vulnerability from fkie_nvd - Published: 2018-05-24 14:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
},
{
"lang": "es",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tienen una vulnerabilidad de errores num\u00e9ricos. Un atacante remoto no autenticado podr\u00eda enviar mensajes SCCP especialmente manipulados a los productos afectados. Debido a la validaci\u00f3n indebida de los mensajes, provocar\u00e1 errores num\u00e9ricos al gestionar los mensajes. Un exploit con \u00e9xito podr\u00eda provocar el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17315",
"lastModified": "2024-11-21T03:17:49.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-24T14:29:00.297",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17314
Vulnerability from fkie_nvd - Published: 2018-04-30 14:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
},
{
"lang": "es",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 tienen una vulnerabilidad de acceso no v\u00e1lido a la memoria. Un atacante no autenticado debe averiguar la forma de enviar mensajes SCCP mal formados a los productos afectados. Dada la validaci\u00f3n de entradas insuficiente de algunos valores en los mensajes, su explotaci\u00f3n con \u00e9xito podr\u00eda provocar un error en el b\u00fafer y el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17314",
"lastModified": "2024-11-21T03:17:49.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-30T14:29:00.207",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17310
Vulnerability from fkie_nvd - Published: 2018-04-19 14:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00spcb00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDC74F3-643A-4978-A76E-36978FAD887B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
},
{
"lang": "es",
"value": "El m\u00f3dulo ENUM (Electronic Numbers to URI Mapping) en algunos productos Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tiene una vulnerabilidad de error de b\u00fafer. Un atacante remoto no autenticado debe controlar el dispositivo del mismo nivel y enviar paquetes ENUM especialmente manipulados a los productos afectados. Dada la verificaci\u00f3n insuficiente de algunos valores en los paquetes, su explotaci\u00f3n con \u00e9xito podr\u00eda provocar un error en el b\u00fafer y el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17310",
"lastModified": "2024-11-21T03:17:48.683",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-19T14:29:00.260",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17308
Vulnerability from fkie_nvd - Published: 2018-04-11 17:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00spcb00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v500r002c00 | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
"matchCriteriaId": "3BDC74F3-643A-4978-A76E-36978FAD887B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
},
{
"lang": "es",
"value": "El m\u00f3dulo SCCPX en Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tiene una vulnerabilidad de acceso inv\u00e1lido a la memoria. Un atacante remoto no autenticado podr\u00eda enviar paquetes especialmente manipulados a los productos afectados. Dada la validaci\u00f3n de paquetes insuficiente, un exploit con \u00e9xito podr\u00eda provocar el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17308",
"lastModified": "2024-11-21T03:17:48.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-04-11T17:29:00.207",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-15314
Vulnerability from fkie_nvd - Published: 2018-03-09 21:29 - Updated: 2024-11-21 03:14
Severity ?
Summary
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC535D5-0C05-4695-976F-ACF447431A6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBEE4A4-0D51-4845-83DD-EE326F227150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B125233A-3A7D-41E9-826C-BC7A5DA8A93E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6E656A39-4954-442B-83C2-587B78702C0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "C9291F7F-E159-475A-8DC8-B8EFFF42170F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "5EEB3DB2-810A-4FB2-BE52-9694824F90F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "5EA29F7B-86A4-4D58-B868-33CB70337A23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "509AFB31-BF50-4AAA-AD42-309C86C0A9D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "1E11E0F5-C34B-4745-B6F0-8DF3522FA15B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc900:*:*:*:*:*:*:*",
"matchCriteriaId": "999D02AA-1B42-4B4E-BB7B-0B063DE5F2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
"matchCriteriaId": "50E5A0D4-E459-4230-94DB-E94946425071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3C8433-FEA5-4784-8C0A-174C677AD50F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "00F48D7B-BAAB-46F8-A428-5EC68EC34EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc900:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D177F9-8A65-4E1F-9576-D03171336510",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
"matchCriteriaId": "38671934-B566-4A73-9C97-C0236D4EEAFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "382868EB-07B6-448B-AF15-8C66046C9422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "1F75CBAE-59AC-4290-989E-8897B7FFE389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
"matchCriteriaId": "A71366A4-11F7-42F6-A1C7-A3D3E38E0ACE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
},
{
"lang": "es",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tienen una vulnerabilidad de fuga de memoria debido a que la memoria no se libera cuando el analizador XML fracasa a la hora de procesar algunos nodos. Un atacante podr\u00eda aprovecharse de esto para provocar una fuga de memoria, lo que podr\u00eda conducir a excepciones del sistema."
}
],
"id": "CVE-2017-15314",
"lastModified": "2024-11-21T03:14:26.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-09T21:29:00.470",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17282
Vulnerability from fkie_nvd - Published: 2018-03-09 21:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | dp300_firmware | v500r002c00 | |
| huawei | dp300 | - | |
| huawei | rp200_firmware | v500r002c00 | |
| huawei | rp200_firmware | v600r006c00 | |
| huawei | rp200 | - | |
| huawei | te30_firmware | v100r001c10 | |
| huawei | te30_firmware | v500r002c00 | |
| huawei | te30_firmware | v600r006c00 | |
| huawei | te30 | - | |
| huawei | te40_firmware | v500r002c00 | |
| huawei | te40_firmware | v600r006c00 | |
| huawei | te40 | - | |
| huawei | te50_firmware | v500r002c00 | |
| huawei | te50_firmware | v600r006c00 | |
| huawei | te50 | - | |
| huawei | te60_firmware | v100r001c10 | |
| huawei | te60_firmware | v500r002c00 | |
| huawei | te60_firmware | v600r006c00 | |
| huawei | te60 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
},
{
"lang": "es",
"value": "El m\u00f3dulo SCCP (Signalling Connection Control Part) en Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tiene una vulnerabilidad de desbordamiento de b\u00fafer. Un atacante debe averiguar la forma de enviar repetidamente paquetes mal formados a los productos afectados. Dada la validaci\u00f3n de entradas insuficiente, un exploit con \u00e9xito podr\u00eda provocar el funcionamiento err\u00f3neo de algunos servicios."
}
],
"id": "CVE-2017-17282",
"lastModified": "2024-11-21T03:17:44.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-09T21:29:00.627",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-19414 (GCVE-0-2019-19414)
Vulnerability from cvelistv5 – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19414",
"datePublished": "2020-01-21T22:54:32",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19413 (GCVE-0-2019-19413)
Vulnerability from cvelistv5 – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19413",
"datePublished": "2020-01-21T22:54:22",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17316 (GCVE-0-2017-17316)
Vulnerability from cvelistv5 – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17316",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:31.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17317 (GCVE-0-2017-17317)
Vulnerability from cvelistv5 – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60 |
Affected:
USG6300 V100R001C10
Affected: V100R001C20 Affected: V100R001C30 Affected: V500R001C00 Affected: V500R001C20 Affected: V500R001C30 Affected: V500R001C50 Affected: Secospace USG6500 V100R001C10 Affected: Secospace USG6600 V100R001C00 Affected: TE30 V100R001C02 Affected: V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "USG6300 V100R001C10"
},
{
"status": "affected",
"version": "V100R001C20"
},
{
"status": "affected",
"version": "V100R001C30"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "Secospace USG6500 V100R001C10"
},
{
"status": "affected",
"version": "Secospace USG6600 V100R001C00"
},
{
"status": "affected",
"version": "TE30 V100R001C02"
},
{
"status": "affected",
"version": "V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C01"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "USG6300 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6500 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6600 V100R001C00"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "TE30 V100R001C02"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C01"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17317",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17315 (GCVE-0-2017-17315)
Vulnerability from cvelistv5 – Published: 2018-05-24 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- numeric errors
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "numeric errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-24T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "numeric errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17315",
"datePublished": "2018-05-24T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17314 (GCVE-0-2017-17314)
Vulnerability from cvelistv5 – Published: 2018-04-30 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-30T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17314",
"datePublished": "2018-04-30T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17310 (GCVE-0-2017-17310)
Vulnerability from cvelistv5 – Published: 2018-04-19 14:00 – Updated: 2024-09-16 23:41
VLAI?
Summary
Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-19T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2018-04-18T00:00:00",
"ID": "CVE-2017-17310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17310",
"datePublished": "2018-04-19T14:00:00Z",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-09-16T23:41:48.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17308 (GCVE-0-2017-17308)
Vulnerability from cvelistv5 – Published: 2018-04-11 17:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-11T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17308",
"datePublished": "2018-04-11T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15314 (GCVE-0-2017-15314)
Vulnerability from cvelistv5 – Published: 2018-03-09 21:00 – Updated: 2024-08-05 19:50
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300,RP200,TE30,TE40,TE50,TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300,RP200,TE30,TE40,TE50,TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2017-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300,RP200,TE30,TE40,TE50,TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15314",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-10-14T00:00:00",
"dateUpdated": "2024-08-05T19:50:16.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17282 (GCVE-0-2017-17282)
Vulnerability from cvelistv5 – Published: 2018-03-09 21:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17282",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19414 (GCVE-0-2019-19414)
Vulnerability from nvd – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19414",
"datePublished": "2020-01-21T22:54:32",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19413 (GCVE-0-2019-19413)
Vulnerability from nvd – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19413",
"datePublished": "2020-01-21T22:54:22",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17316 (GCVE-0-2017-17316)
Vulnerability from nvd – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17316",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:31.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17317 (GCVE-0-2017-17317)
Vulnerability from nvd – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60 |
Affected:
USG6300 V100R001C10
Affected: V100R001C20 Affected: V100R001C30 Affected: V500R001C00 Affected: V500R001C20 Affected: V500R001C30 Affected: V500R001C50 Affected: Secospace USG6500 V100R001C10 Affected: Secospace USG6600 V100R001C00 Affected: TE30 V100R001C02 Affected: V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "USG6300 V100R001C10"
},
{
"status": "affected",
"version": "V100R001C20"
},
{
"status": "affected",
"version": "V100R001C30"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "Secospace USG6500 V100R001C10"
},
{
"status": "affected",
"version": "Secospace USG6600 V100R001C00"
},
{
"status": "affected",
"version": "TE30 V100R001C02"
},
{
"status": "affected",
"version": "V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C01"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "USG6300 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6500 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6600 V100R001C00"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "TE30 V100R001C02"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C01"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17317",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17315 (GCVE-0-2017-17315)
Vulnerability from nvd – Published: 2018-05-24 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- numeric errors
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "numeric errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-24T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "numeric errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17315",
"datePublished": "2018-05-24T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17314 (GCVE-0-2017-17314)
Vulnerability from nvd – Published: 2018-04-30 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-30T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17314",
"datePublished": "2018-04-30T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17310 (GCVE-0-2017-17310)
Vulnerability from nvd – Published: 2018-04-19 14:00 – Updated: 2024-09-16 23:41
VLAI?
Summary
Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-19T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2018-04-18T00:00:00",
"ID": "CVE-2017-17310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17310",
"datePublished": "2018-04-19T14:00:00Z",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-09-16T23:41:48.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17308 (GCVE-0-2017-17308)
Vulnerability from nvd – Published: 2018-04-11 17:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-11T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17308",
"datePublished": "2018-04-11T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15314 (GCVE-0-2017-15314)
Vulnerability from nvd – Published: 2018-03-09 21:00 – Updated: 2024-08-05 19:50
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300,RP200,TE30,TE40,TE50,TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300,RP200,TE30,TE40,TE50,TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2017-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300,RP200,TE30,TE40,TE50,TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15314",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-10-14T00:00:00",
"dateUpdated": "2024-08-05T19:50:16.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17282 (GCVE-0-2017-17282)
Vulnerability from nvd – Published: 2018-03-09 21:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17282",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}