6.8

CVE-2017-15315

Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally.

Data is provided by the National Vulnerability Database (NVD)
HuaweiNip6300 Firmware Versionv500r001c20spc100
   HuaweiNip6300 Version-
HuaweiNip6300 Firmware Versionv500r001c20spc200
   HuaweiNip6300 Version-
HuaweiNip6600 Firmware Versionv500r001c20spc100
   HuaweiNip6600 Version-
HuaweiNip6600 Firmware Versionv500r001c20spc200
   HuaweiNip6600 Version-
HuaweiSecospace Usg6300 Firmware Versionv500r001c20spc100
   HuaweiSecospace Usg6300 Version-
HuaweiSecospace Usg6300 Firmware Versionv500r001c20spc200
   HuaweiSecospace Usg6300 Version-
HuaweiSecospace Usg6500 Firmware Versionv500r001c20spc100
   HuaweiSecospace Usg6500 Version-
HuaweiSecospace Usg6500 Firmware Versionv500r001c20spc200
   HuaweiSecospace Usg6500 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.16% 0.33
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 6.8 8 6.9
AV:N/AC:L/Au:S/C:N/I:N/A:C
CWE-772 Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.