CVE-2017-2722 (GCVE-0-2017-2722)

Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-17 00:31
VLAI?
Summary
DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.
Severity ?
No CVSS data available.
CWE
  • Input Validation
Assigner
References
Impacted products
Vendor Product Version
Huawei Technologies Co., Ltd. DP300,TE60,TP3106,ViewPoint 9030,eCNS210_TD,eSpace 7950,eSpace IAD,eSpace U1981 Affected: DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:07.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DP300,TE60,TP3106,ViewPoint 9030,eCNS210_TD,eSpace 7950,eSpace IAD,eSpace U1981",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30"
            }
          ]
        }
      ],
      "datePublic": "2017-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Input Validation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-22T18:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-11-15T00:00:00",
          "ID": "CVE-2017-2722",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DP300,TE60,TP3106,ViewPoint 9030,eCNS210_TD,eSpace 7950,eSpace IAD,eSpace U1981",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-2722",
    "datePublished": "2017-11-22T19:00:00Z",
    "dateReserved": "2016-12-01T00:00:00",
    "dateUpdated": "2024-09-17T00:31:02.602Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8871106B-D3AF-4CFB-A544-1FA411642428\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F3483B2-9EB6-4E34-900A-945C04A3160D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6EACB9-6832-4B2A-9C5B-C1E2747D6359\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"092C9FAF-8892-4E16-9C0E-BB1E3488C6C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r003c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D13F79BF-2919-45A3-9AB0-9D501DDA94B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01BC9042-0485-437F-811F-F8898B3B7EA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A29049D-F472-4772-8750-20730DA624E9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"999117E9-90C8-4E76-90B5-7D364C0B84BF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:tp3106_firmware:v100r001c06:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B5AFC9C8-548B-4A63-BE1D-98685E353434\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"492DABB3-66CF-47E9-92D4-518154559A7C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0ADEC8B2-CD7F-4246-88C0-E27B939829AB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6208C34-D92D-4605-B4AF-6EA597CBA0F2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30C6245A-D192-4D02-BB4E-285ABD2BB328\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:ecns210_td:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47FCDC81-B742-4D42-BD52-52BBDDDD4BE5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_7950_firmware:v200r003c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53A2334D-1724-42B5-8DD2-0BA191BA5F49\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_7950_firmware:v200r003c30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4523A712-FF77-4BDA-B213-0AE2BDC4152C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:espace_7950:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"185783AE-3135-471E-8D55-4BAB3A187F21\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_iad_firmware:v300r001c07spca00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1CF01DA4-5E45-4CCC-A8C8-B2DC4E625441\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_iad_firmware:v300r002c01spcb00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1DA246C5-B5BB-415F-821C-4E2B4CFFE8D1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:espace_iad:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91C8CF3B-2907-4E9C-8CA9-6FECDDC68812\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_u1981_firmware:v100r001c20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BC147B8B-BA90-4BE9-A018-0B85D7D85784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_u1981_firmware:v100r001c30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28DFCB81-F308-4EEC-AD5D-5225D025C167\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD5D04E4-9B18-4B6C-A9B1-93A43B3D9333\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C82BCBDF-4F07-47F1-BB91-6148E2403133\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FC865317-D874-469D-AE84-7700B0F1485C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7BD4D80-D901-4082-B74D-A1D0CC24CA9F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.\"}, {\"lang\": \"es\", \"value\": \"DP300 V500R002C00, TE60 con software V100R001C01, V100R001C10, V100R003C00, V500R002C00 y V600R006C00, TP3106 con software V100R001C06 y V100R002C00, ViewPoint 9030 con software V100R011C02 y V100R011C03, eCNS210_TD con software V100R004C10, eSpace 7950 con software V200R003C00 y V200R003C30, eSpace IAD con software V300R001C07SPCa00 y V300R002C01SPCb00, eSpace U1981 con software V100R001C20, V100R001C30, V200R003C00, V200R003C20 y V200R003C30 tienen una vulnerabilidad de validaci\\u00f3n de entradas. Un atacante remoto podr\\u00eda explotar esta vulnerabilidad manipulando un paquete mal formado y envi\\u00e1ndolo al dispositivo. Un exploit exitoso podr\\u00eda permitir que el atacante provoque una denegaci\\u00f3n de servicio o ejecute c\\u00f3digo arbitrario.\"}]",
      "id": "CVE-2017-2722",
      "lastModified": "2024-11-21T03:24:03.187",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:P/A:P\", \"baseScore\": 6.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-11-22T19:29:01.427",
      "references": "[{\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}, {\"url\": \"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-2722\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2017-11-22T19:29:01.427\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"DP300 V500R002C00, TE60 con software V100R001C01, V100R001C10, V100R003C00, V500R002C00 y V600R006C00, TP3106 con software V100R001C06 y V100R002C00, ViewPoint 9030 con software V100R011C02 y V100R011C03, eCNS210_TD con software V100R004C10, eSpace 7950 con software V200R003C00 y V200R003C30, eSpace IAD con software V300R001C07SPCa00 y V300R002C01SPCb00, eSpace U1981 con software V100R001C20, V100R001C30, V200R003C00, V200R003C20 y V200R003C30 tienen una vulnerabilidad de validaci\u00f3n de entradas. Un atacante remoto podr\u00eda explotar esta vulnerabilidad manipulando un paquete mal formado y envi\u00e1ndolo al dispositivo. Un exploit exitoso podr\u00eda permitir que el atacante provoque una denegaci\u00f3n de servicio o ejecute c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8871106B-D3AF-4CFB-A544-1FA411642428\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F3483B2-9EB6-4E34-900A-945C04A3160D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6EACB9-6832-4B2A-9C5B-C1E2747D6359\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092C9FAF-8892-4E16-9C0E-BB1E3488C6C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D13F79BF-2919-45A3-9AB0-9D501DDA94B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9042-0485-437F-811F-F8898B3B7EA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A29049D-F472-4772-8750-20730DA624E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"999117E9-90C8-4E76-90B5-7D364C0B84BF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:tp3106_firmware:v100r001c06:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5AFC9C8-548B-4A63-BE1D-98685E353434\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"492DABB3-66CF-47E9-92D4-518154559A7C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ADEC8B2-CD7F-4246-88C0-E27B939829AB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6208C34-D92D-4605-B4AF-6EA597CBA0F2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30C6245A-D192-4D02-BB4E-285ABD2BB328\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:ecns210_td:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47FCDC81-B742-4D42-BD52-52BBDDDD4BE5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_7950_firmware:v200r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53A2334D-1724-42B5-8DD2-0BA191BA5F49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_7950_firmware:v200r003c30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4523A712-FF77-4BDA-B213-0AE2BDC4152C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:espace_7950:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"185783AE-3135-471E-8D55-4BAB3A187F21\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_iad_firmware:v300r001c07spca00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CF01DA4-5E45-4CCC-A8C8-B2DC4E625441\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_iad_firmware:v300r002c01spcb00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1DA246C5-B5BB-415F-821C-4E2B4CFFE8D1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:espace_iad:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91C8CF3B-2907-4E9C-8CA9-6FECDDC68812\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_u1981_firmware:v100r001c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC147B8B-BA90-4BE9-A018-0B85D7D85784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_u1981_firmware:v100r001c30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28DFCB81-F308-4EEC-AD5D-5225D025C167\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD5D04E4-9B18-4B6C-A9B1-93A43B3D9333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C82BCBDF-4F07-47F1-BB91-6148E2403133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC865317-D874-469D-AE84-7700B0F1485C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7BD4D80-D901-4082-B74D-A1D0CC24CA9F\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170419-01-pse-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.