cvelistv5 - CVE-2017-15324

CVE-2017-15324 (GCVE-0-2017-15324)

Vulnerability from cvelistv5 – Published: 2017-12-22 17:00 – Updated: 2024-09-16 22:20

Summary

Severity ?

No CVSS data available.

CWE

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Huawei Technologies Co., Ltd.

S12700

Affected: V200R006C00
Affected: V200R007C00
Affected: V200R007C01
Affected: V200R007C20
Affected: V200R008C00
Affected: V200R009C00
Affected: V200R010C00

Huawei Technologies Co., Ltd.	S1700	Affected: V200R006C10 Affected: V200R009C00 Affected: V200R010C00
Huawei Technologies Co., Ltd.	S2700	Affected: V200R006C00 Affected: V200R006C10 Affected: V200R007C00 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00 Affected: V200R011C00
Huawei Technologies Co., Ltd.	S5700	Affected: V200R005C00 Affected: V200R006C00 Affected: V200R007C00 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00 Affected: V200R011C00
Huawei Technologies Co., Ltd.	S6700	Affected: V200R005C00 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00
Huawei Technologies Co., Ltd.	S7700	Affected: V200R006C00 Affected: V200R007C00 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00
Huawei Technologies Co., Ltd.	S9700	Affected: V200R006C00 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.443Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "S12700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R006C00"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R007C01"
            },
            {
              "status": "affected",
              "version": "V200R007C20"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            }
          ]
        },
        {
          "product": "S1700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R006C10"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            }
          ]
        },
        {
          "product": "S2700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R006C00"
            },
            {
              "status": "affected",
              "version": "V200R006C10"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            },
            {
              "status": "affected",
              "version": "V200R011C00"
            }
          ]
        },
        {
          "product": "S5700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R005C00"
            },
            {
              "status": "affected",
              "version": "V200R006C00"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            },
            {
              "status": "affected",
              "version": "V200R011C00"
            }
          ]
        },
        {
          "product": "S6700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R005C00"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            }
          ]
        },
        {
          "product": "S7700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R006C00"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            }
          ]
        },
        {
          "product": "S9700",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "V200R006C00"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R007C01"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            }
          ]
        }
      ],
      "datePublic": "2017-12-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "DoS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-16T13:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-12-06T00:00:00",
          "ID": "CVE-2017-15324",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "S12700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R006C00"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R007C01"
                          },
                          {
                            "version_value": "V200R007C20"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "S1700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R006C10"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "S2700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R006C00"
                          },
                          {
                            "version_value": "V200R006C10"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "V200R011C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "S5700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R005C00"
                          },
                          {
                            "version_value": "V200R006C00"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "V200R011C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "S6700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R005C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "S7700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R006C00"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "S9700",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "V200R006C00"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R007C01"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "DoS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-15324",
    "datePublished": "2017-12-22T17:00:00Z",
    "dateReserved": "2017-10-14T00:00:00",
    "dateUpdated": "2024-09-16T22:20:26.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCF23DAE-1215-41B2-88C5-4436D846266C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E22D3CFF-3353-4EE2-8933-84F395469D0D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F18D9776-5CE7-4DD3-9119-7FB08A35B955\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA7AC10D-B0DD-4206-8642-134DDD585C06\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.\"}, {\"lang\": \"es\", \"value\": \"Huawei S5700 y S6700 con software V200R005C00 tienen una vulnerabilidad de DoS debido a una validaci\\u00f3n insuficiente de los paquetes Network Quality Analysis (NQA). Un atacante remoto podr\\u00eda explotar esta vulnerabilidad enviando paquetes NQA mal formados al dispositivo objetivo. La explotaci\\u00f3n exitosa de esta vulnerabilidad puede provocar el reinicio del dispositivo.\"}]",
      "id": "CVE-2017-15324",
      "lastModified": "2024-11-21T03:14:27.940",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-12-22T17:29:13.470",
      "references": "[{\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-15324\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2017-12-22T17:29:13.470\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.\"},{\"lang\":\"es\",\"value\":\"Huawei S5700 y S6700 con software V200R005C00 tienen una vulnerabilidad de DoS debido a una validaci\u00f3n insuficiente de los paquetes Network Quality Analysis (NQA). Un atacante remoto podr\u00eda explotar esta vulnerabilidad enviando paquetes NQA mal formados al dispositivo objetivo. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar el reinicio del dispositivo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCF23DAE-1215-41B2-88C5-4436D846266C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E22D3CFF-3353-4EE2-8933-84F395469D0D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F18D9776-5CE7-4DD3-9119-7FB08A35B955\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA7AC10D-B0DD-4206-8642-134DDD585C06\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2017-15324

Vulnerability from fkie_nvd - Published: 2017-12-22 17:29 - Updated: 2025-04-20 01:37

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	s5700_firmware	v200r005c00
huawei	s5700	-
huawei	s6700_firmware	v200r005c00
huawei	s6700	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart."
    },
    {
      "lang": "es",
      "value": "Huawei S5700 y S6700 con software V200R005C00 tienen una vulnerabilidad de DoS debido a una validaci\u00f3n insuficiente de los paquetes Network Quality Analysis (NQA). Un atacante remoto podr\u00eda explotar esta vulnerabilidad enviando paquetes NQA mal formados al dispositivo objetivo. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar el reinicio del dispositivo."
    }
  ],
  "id": "CVE-2017-15324",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-12-22T17:29:13.470",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201712-0808

Vulnerability from variot - Updated: 2023-12-18 13:57

Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart. HuaweiS12700 is an intelligent routing switch of China Huawei. The following products and versions are affected: Huawei S12700 V200R006C00 Version, V200R007C00 Version, V200R007C01 Version, V200R007C20 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version; S1700 V200R006C10 Version, V200R009C00 Version, V200R010C00 Version; S2700 V200R006C00 Version, V200R006C10 Version, V200R007C00 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version, V200R011C00 Version; S5700 V200R005C00 Version, V200R006C00 Version, V200R007C00 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version, V200R011C00 Version; S6700 V200R005C00 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version; S7700 V200R006C00 Version , version V200R007C00, version V200R008C00, version V200R009C00, version V200R010C00;

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201712-0808",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "s5700",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v200r005c00"
      },
      {
        "model": "s6700",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v200r005c00"
      },
      {
        "model": "s9700 v200r008c00",
        "scope": null,
        "trust": 1.2,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r005c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s7700 v200r006c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s7700 v200r008c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s9700 v200r006c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r006c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r008c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r006c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r007c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r007c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s7700 v200r007c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s9700 v200r007c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r009c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s6700 v200r005c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s6700 v200r009c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s7700 v200r009c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r009c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r007c01",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r006c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r007c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r008c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r008c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s6700 v200r008c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r007c20",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s12700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s1700 v200r006c10",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s1700 v200r009c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s1700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r006c10",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r009c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s2700 v200r011c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s5700 v200r011c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s6700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s7700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s9700 v200r007c01",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      },
      {
        "model": "s9700 v200r010c00",
        "scope": null,
        "trust": 0.6,
        "vendor": "huawei",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei internal tester",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2017-15324",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": true,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-15324",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-37724",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-106135",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2017-15324",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-15324",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-37724",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201712-688",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-106135",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart. HuaweiS12700 is an intelligent routing switch of China Huawei. The following products and versions are affected: Huawei S12700 V200R006C00 Version, V200R007C00 Version, V200R007C01 Version, V200R007C20 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version; S1700 V200R006C10 Version, V200R009C00 Version, V200R010C00 Version; S2700 V200R006C00 Version, V200R006C10 Version, V200R007C00 Version,  V200R008C00 Version, V200R009C00 Version, V200R010C00 Version, V200R011C00 Version; S5700 V200R005C00 Version, V200R006C00 Version, V200R007C00 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version, V200R011C00 Version; S6700 V200R005C00 Version, V200R008C00 Version, V200R009C00 Version, V200R010C00 Version; S7700 V200R006C00 Version , version V200R007C00, version V200R008C00, version V200R009C00, version V200R010C00;",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-15324",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "id": "VAR-201712-0808",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      }
    ],
    "trust": 1.604162115151515
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:57:09.897000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20171206-01-nqa",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
      },
      {
        "title": "Patches for several Huawei Product Denial of Service Vulnerabilities (CNVD-2017-37724)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/111253"
      },
      {
        "title": "Multiple Huawei Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77226"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-15324"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-15324"
      },
      {
        "trust": 0.6,
        "url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-nqa-cn"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "date": "2017-12-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "date": "2018-01-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "date": "2017-12-22T17:29:13.470000",
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "date": "2017-12-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-37724"
      },
      {
        "date": "2018-01-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-106135"
      },
      {
        "date": "2018-01-22T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      },
      {
        "date": "2018-01-17T02:29:01.257000",
        "db": "NVD",
        "id": "CVE-2017-15324"
      },
      {
        "date": "2017-12-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei S5700 and  S6700 Input validation vulnerability in other software",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-011576"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "input validation",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-688"
      }
    ],
    "trust": 0.6
  }
}

CNVD-2017-37724

Vulnerability from cnvd - Published: 2017-12-21

Title

多款Huawei产品拒绝服务漏洞（CNVD-2017-37724）

Description

Huawei S12700等都是中国华为（Huawei）公司的智能路由交换机。多款Huawei产品中存在拒绝服务漏洞，该漏洞是由于设备对网络质量分析（NQA）报文未能进行充分校验。远程攻击者通过向设备发送畸形NQA报文利用该漏洞造成拒绝服务（设备重启）。

Severity

高

Patch Name

多款Huawei产品拒绝服务漏洞（CNVD-2017-37724）的补丁

Patch Description

Huawei S12700等都是中国华为（Huawei）公司的智能路由交换机。多款Huawei产品中存在拒绝服务漏洞，该漏洞是由于设备对网络质量分析（NQA）报文未能进行充分校验。远程攻击者通过向设备发送畸形NQA报文利用该漏洞造成拒绝服务（设备重启）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-nqa-cn

Reference

http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-nqa-cn

Impacted products

Name
['Huawei S5700 V200R005C00', 'Huawei S7700 V200R006C00', 'Huawei S7700 V200R008C00', 'Huawei S9700 V200R006C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R006C00', 'Huawei S12700 V200R008C00', 'Huawei S5700 V200R006C00', 'Huawei S12700 V200R007C00', 'Huawei S5700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei S5700 V200R009C00', 'Huawei S6700 V200R005C00', 'Huawei S6700 V200R009C00', 'Huawei S7700 V200R009C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R009C00', 'Huawei S12700 V200R007C01', 'Huawei S2700 V200R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5700 V200R008C00', 'Huawei S6700 V200R008C00', 'Huawei S12700 V200R007C20', 'Huawei S12700 V200R010C00', 'Huawei S1700 V200R006C10', 'Huawei S1700 V200R009C00', 'Huawei S1700 V200R010C00', 'Huawei S2700 V200R006C10', 'Huawei S2700 V200R009C00', 'Huawei S2700 V200R010C00', 'Huawei S2700 V200R011C00', 'Huawei S5700 V200R010C00', 'Huawei S5700 V200R011C00', 'Huawei S6700 V200R010C00', 'Huawei S7700 V200R010C00', 'Huawei S9700 V200R007C01', 'Huawei S9700 V200R010C00']

Name

['Huawei S5700 V200R005C00', 'Huawei S7700 V200R006C00', 'Huawei S7700 V200R008C00', 'Huawei S9700 V200R006C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R006C00', 'Huawei S12700 V200R008C00', 'Huawei S5700 V200R006C00', 'Huawei S12700 V200R007C00', 'Huawei S5700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei S5700 V200R009C00', 'Huawei S6700 V200R005C00', 'Huawei S6700 V200R009C00', 'Huawei S7700 V200R009C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R009C00', 'Huawei S12700 V200R007C01', 'Huawei S2700 V200R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5700 V200R008C00', 'Huawei S6700 V200R008C00', 'Huawei S12700 V200R007C20', 'Huawei S12700 V200R010C00', 'Huawei S1700 V200R006C10', 'Huawei S1700 V200R009C00', 'Huawei S1700 V200R010C00', 'Huawei S2700 V200R006C10', 'Huawei S2700 V200R009C00', 'Huawei S2700 V200R010C00', 'Huawei S2700 V200R011C00', 'Huawei S5700 V200R010C00', 'Huawei S5700 V200R011C00', 'Huawei S6700 V200R010C00', 'Huawei S7700 V200R010C00', 'Huawei S9700 V200R007C01', 'Huawei S9700 V200R010C00']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-15324"
    }
  },
  "description": "Huawei S12700\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u667a\u80fd\u8def\u7531\u4ea4\u6362\u673a\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u8bbe\u5907\u5bf9\u7f51\u7edc\u8d28\u91cf\u5206\u6790\uff08NQA\uff09\u62a5\u6587\u672a\u80fd\u8fdb\u884c\u5145\u5206\u6821\u9a8c\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u5411\u8bbe\u5907\u53d1\u9001\u7578\u5f62NQA\u62a5\u6587\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8bbe\u5907\u91cd\u542f\uff09\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-nqa-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-37724",
  "openTime": "2017-12-21",
  "patchDescription": "Huawei S12700\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u667a\u80fd\u8def\u7531\u4ea4\u6362\u673a\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4e2d\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8e\u8bbe\u5907\u5bf9\u7f51\u7edc\u8d28\u91cf\u5206\u6790\uff08NQA\uff09\u62a5\u6587\u672a\u80fd\u8fdb\u884c\u5145\u5206\u6821\u9a8c\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u901a\u8fc7\u5411\u8bbe\u5907\u53d1\u9001\u7578\u5f62NQA\u62a5\u6587\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8bbe\u5907\u91cd\u542f\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-37724\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei S5700 V200R005C00",
      "Huawei S7700  V200R006C00",
      "Huawei S7700  V200R008C00",
      "Huawei S9700  V200R006C00",
      "Huawei S9700  V200R008C00",
      "Huawei S12700 V200R006C00",
      "Huawei S12700  V200R008C00",
      "Huawei S5700  V200R006C00",
      "Huawei S12700 V200R007C00",
      "Huawei S5700 V200R007C00",
      "Huawei S7700 V200R007C00",
      "Huawei S9700 V200R007C00",
      "Huawei S5700 V200R009C00",
      "Huawei S6700 V200R005C00",
      "Huawei S6700 V200R009C00",
      "Huawei S7700 V200R009C00",
      "Huawei S9700 V200R008C00",
      "Huawei S12700 V200R009C00",
      "Huawei S12700 V200R007C01",
      "Huawei S2700 V200R006C00",
      "Huawei S2700 V200R007C00",
      "Huawei S2700 V200R008C00",
      "Huawei S5700 V200R008C00",
      "Huawei S6700 V200R008C00",
      "Huawei S12700 V200R007C20",
      "Huawei S12700 V200R010C00",
      "Huawei S1700 V200R006C10",
      "Huawei S1700 V200R009C00",
      "Huawei S1700 V200R010C00",
      "Huawei S2700 V200R006C10",
      "Huawei S2700 V200R009C00",
      "Huawei S2700 V200R010C00",
      "Huawei S2700 V200R011C00",
      "Huawei S5700 V200R010C00",
      "Huawei S5700 V200R011C00",
      "Huawei S6700 V200R010C00",
      "Huawei S7700 V200R010C00",
      "Huawei S9700 V200R007C01",
      "Huawei S9700 V200R010C00"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-nqa-cn",
  "serverity": "\u9ad8",
  "submitTime": "2017-12-08",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-37724\uff09"
}

GHSA-X4F4-7JG6-VX7P

Vulnerability from github – Published: 2022-05-14 03:49 – Updated: 2022-05-14 03:49

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-15324"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-12-22T17:29:00Z",
    "severity": "HIGH"
  },
  "details": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.",
  "id": "GHSA-x4f4-7jg6-vx7p",
  "modified": "2022-05-14T03:49:58Z",
  "published": "2022-05-14T03:49:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15324"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2017-15324

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2017-15324

Aliases

CVE-2017-15324

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-15324",
    "description": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.",
    "id": "GSD-2017-15324"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-15324"
      ],
      "details": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart.",
      "id": "GSD-2017-15324",
      "modified": "2023-12-13T01:20:59.392017Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "DATE_PUBLIC": "2017-12-06T00:00:00",
        "ID": "CVE-2017-15324",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "S12700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R006C00"
                        },
                        {
                          "version_value": "V200R007C00"
                        },
                        {
                          "version_value": "V200R007C01"
                        },
                        {
                          "version_value": "V200R007C20"
                        },
                        {
                          "version_value": "V200R008C00"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "S1700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R006C10"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "S2700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R006C00"
                        },
                        {
                          "version_value": "V200R006C10"
                        },
                        {
                          "version_value": "V200R007C00"
                        },
                        {
                          "version_value": "V200R008C00"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        },
                        {
                          "version_value": "V200R011C00"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "S5700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R005C00"
                        },
                        {
                          "version_value": "V200R006C00"
                        },
                        {
                          "version_value": "V200R007C00"
                        },
                        {
                          "version_value": "V200R008C00"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        },
                        {
                          "version_value": "V200R011C00"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "S6700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R005C00"
                        },
                        {
                          "version_value": "V200R008C00"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "S7700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R006C00"
                        },
                        {
                          "version_value": "V200R007C00"
                        },
                        {
                          "version_value": "V200R008C00"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "S9700",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "V200R006C00"
                        },
                        {
                          "version_value": "V200R007C00"
                        },
                        {
                          "version_value": "V200R007C01"
                        },
                        {
                          "version_value": "V200R008C00"
                        },
                        {
                          "version_value": "V200R009C00"
                        },
                        {
                          "version_value": "V200R010C00"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Huawei Technologies Co., Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "DoS"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-15324"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2018-01-17T02:29Z",
      "publishedDate": "2017-12-22T17:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-15324 (GCVE-0-2017-15324)

FKIE_CVE-2017-15324

VAR-201712-0808

CNVD-2017-37724

GHSA-X4F4-7JG6-VX7P

GSD-2017-15324

Tags

Sightings

Nomenclature