CVE-2017-15353 (GCVE-0-2017-15353)

Vulnerability from cvelistv5 – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:57
VLAI?
Summary
Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.
Severity ?
No CVSS data available.
CWE
  • out-of-bounds read
Assigner
References
Impacted products
Vendor Product Version
Huawei Technologies Co., Ltd. DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660, Affected: DP300 ,V500R002C00 ,RP200 ,V500R002C00 ,V600R006C00 ,RSE6500 ,V500R002C00 ,TE30 ,V100R001C02 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TE40 ,V500R002C00 ,V600R006C00 ,TE50 ,V500R002C00 ,V600R006C00 ,TE60 ,V100R001C01 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TX50 ,V500R002C00 ,V600R006C00 ,VP9660 ,V500R002C00 ,V500R002C10 ,ViewPoint 8660 ,V100R008C03 ,ViewPoint 9030 ,V100R011C02 ,V100R011C03 ,Viewpoint 8660 ,V100R008C03
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:57:25.431Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660,",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "DP300 ,V500R002C00 ,RP200 ,V500R002C00 ,V600R006C00 ,RSE6500 ,V500R002C00 ,TE30 ,V100R001C02 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TE40 ,V500R002C00 ,V600R006C00 ,TE50 ,V500R002C00 ,V600R006C00 ,TE60 ,V100R001C01 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TX50 ,V500R002C00 ,V600R006C00 ,VP9660 ,V500R002C00 ,V500R002C10 ,ViewPoint 8660 ,V100R008C03 ,ViewPoint 9030 ,V100R011C02 ,V100R011C03 ,Viewpoint 8660 ,V100R008C03"
            }
          ]
        }
      ],
      "datePublic": "2017-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "out-of-bounds read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-15T15:57:02",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-15353",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DP300,RP200,RSE6500,TE30,TE40,TE50,TE60,TX50,VP9660,ViewPoint 8660,ViewPoint 9030,Viewpoint 8660,",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "DP300 ,V500R002C00 ,RP200 ,V500R002C00 ,V600R006C00 ,RSE6500 ,V500R002C00 ,TE30 ,V100R001C02 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TE40 ,V500R002C00 ,V600R006C00 ,TE50 ,V500R002C00 ,V600R006C00 ,TE60 ,V100R001C01 ,V100R001C10 ,V500R002C00 ,V600R006C00 ,TX50 ,V500R002C00 ,V600R006C00 ,VP9660 ,V500R002C00 ,V500R002C10 ,ViewPoint 8660 ,V100R008C03 ,ViewPoint 9030 ,V100R011C02 ,V100R011C03 ,Viewpoint 8660 ,V100R008C03"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "out-of-bounds read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-15353",
    "datePublished": "2018-02-15T16:00:00",
    "dateReserved": "2017-10-14T00:00:00",
    "dateUpdated": "2024-08-05T19:57:25.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8871106B-D3AF-4CFB-A544-1FA411642428\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F3483B2-9EB6-4E34-900A-945C04A3160D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67731A77-1DD4-49B2-B437-2850C9583750\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98275088-2FBE-42F4-AAEC-DF02950B803D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"649BB696-BDBE-46FC-A23D-287DE306D8BB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DD9417D-0515-4B21-AD32-E6B137575D01\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"686651A5-6F2F-4AF3-9B96-FF5905F2303A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA3EF476-42D7-4758-8DCB-373F46BF1CF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DEA387B-4F45-438F-8086-6E80B553163C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"018039EB-7265-4B71-B462-4734FD1D0503\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDD87254-ABAD-4DFF-BC0D-2CF030063D6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"931FD3B3-A333-4277-AE55-494F5DB9F09F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45C3AF58-E030-4E12-A2FD-A4337A5021ED\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF7A4D51-314B-4A77-86A7-9C5237BC4275\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A70F8924-DC80-4D6F-BA3E-DBFE32FED788\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4F188B3-0A63-4704-9B0D-F8DF5D973FA5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6EACB9-6832-4B2A-9C5B-C1E2747D6359\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"092C9FAF-8892-4E16-9C0E-BB1E3488C6C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01BC9042-0485-437F-811F-F8898B3B7EA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A29049D-F472-4772-8750-20730DA624E9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"999117E9-90C8-4E76-90B5-7D364C0B84BF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:tx50_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ABD47BE6-70B0-49FE-91D1-D5EE4BD9C750\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:tx50_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD35F8E5-9819-4E59-8A42-01990DE8D5CB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:tx50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16DA9D0A-C4E0-48A8-8863-5D54228A405A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"573BD5BC-48CE-4752-834D-6F6368780FB2\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE8FC7FB-FABD-4BC2-A0F5-3149F958EEAC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A68709FF-9E1C-4174-A925-70A88D4376A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A58ED692-8BED-4877-9BC9-D41386B660C1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1DC498B-F19F-403A-ACFE-F8364A78EC66\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ADEC8B2-CD7F-4246-88C0-E27B939829AB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6208C34-D92D-4605-B4AF-6EA597CBA0F2\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.\"}, {\"lang\": \"es\", \"value\": \"Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660 y V100R008C03 tienen una vulnerabilidad de lectura fuera de l\\u00edmites. Un atacante debe controlar el dispositivo del mismo nivel y enviar mensajes especialmente manipulados a los productos afectados. Dada la validaci\\u00f3n de entradas insuficiente, una explotaci\\u00f3n con \\u00e9xito podr\\u00eda provocar el funcionamiento err\\u00f3neo de algunos servicios.\"}]",
      "id": "CVE-2017-15353",
      "lastModified": "2024-11-21T03:14:31.767",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-02-15T16:29:01.407",
      "references": "[{\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-15353\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2018-02-15T16:29:01.407\",\"lastModified\":\"2024-11-21T03:14:31.767\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.\"},{\"lang\":\"es\",\"value\":\"Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660 y V100R008C03 tienen una vulnerabilidad de lectura fuera de l\u00edmites. Un atacante debe controlar el dispositivo del mismo nivel y enviar mensajes especialmente manipulados a los productos afectados. Dada la validaci\u00f3n de entradas insuficiente, una explotaci\u00f3n con \u00e9xito podr\u00eda provocar el funcionamiento err\u00f3neo de algunos servicios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8871106B-D3AF-4CFB-A544-1FA411642428\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F3483B2-9EB6-4E34-900A-945C04A3160D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67731A77-1DD4-49B2-B437-2850C9583750\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98275088-2FBE-42F4-AAEC-DF02950B803D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"649BB696-BDBE-46FC-A23D-287DE306D8BB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DD9417D-0515-4B21-AD32-E6B137575D01\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"686651A5-6F2F-4AF3-9B96-FF5905F2303A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA3EF476-42D7-4758-8DCB-373F46BF1CF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DEA387B-4F45-438F-8086-6E80B553163C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"018039EB-7265-4B71-B462-4734FD1D0503\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDD87254-ABAD-4DFF-BC0D-2CF030063D6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"931FD3B3-A333-4277-AE55-494F5DB9F09F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C3AF58-E030-4E12-A2FD-A4337A5021ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF7A4D51-314B-4A77-86A7-9C5237BC4275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A70F8924-DC80-4D6F-BA3E-DBFE32FED788\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4F188B3-0A63-4704-9B0D-F8DF5D973FA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6EACB9-6832-4B2A-9C5B-C1E2747D6359\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092C9FAF-8892-4E16-9C0E-BB1E3488C6C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9042-0485-437F-811F-F8898B3B7EA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A29049D-F472-4772-8750-20730DA624E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"999117E9-90C8-4E76-90B5-7D364C0B84BF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:tx50_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ABD47BE6-70B0-49FE-91D1-D5EE4BD9C750\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:tx50_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD35F8E5-9819-4E59-8A42-01990DE8D5CB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:tx50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16DA9D0A-C4E0-48A8-8863-5D54228A405A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"573BD5BC-48CE-4752-834D-6F6368780FB2\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE8FC7FB-FABD-4BC2-A0F5-3149F958EEAC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A68709FF-9E1C-4174-A925-70A88D4376A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A58ED692-8BED-4877-9BC9-D41386B660C1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1DC498B-F19F-403A-ACFE-F8364A78EC66\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ADEC8B2-CD7F-4246-88C0-E27B939829AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6208C34-D92D-4605-B4AF-6EA597CBA0F2\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.