CVE-2017-15323

EPSS 0.02%
Published 09.03.2018 21:29:00
Last modified 21.11.2024 03:14:27
Source psirt@huawei.com
Teams watchlist Login
Open Login

Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Dp300 Firmware Versionv500r002c00

Huawei ≫ Dp300 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c00

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c20

Huawei ≫ Nip6600 Version-

Huawei ≫ Nip6600 Firmware Versionv500r001c30

Huawei ≫ Nip6600 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c00

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c20

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Secospace Usg6500 Firmware Versionv500r001c30

Huawei ≫ Secospace Usg6500 Version-

Huawei ≫ Te60 Firmware Versionv100r001c01

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv100r001c10

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv100r003c00

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv500r002c00

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv600r006c00

Huawei ≫ Te60 Version-

Huawei ≫ Tp3106 Firmware Versionv100r001c06

Huawei ≫ Tp3106 Version-

Huawei ≫ Tp3106 Firmware Versionv100r002c00

Huawei ≫ Tp3106 Version-

Huawei ≫ Vp9660 Firmware Versionv200r001c02

Huawei ≫ Vp9660 Version-

Huawei ≫ Vp9660 Firmware Versionv200r001c30

Huawei ≫ Vp9660 Version-

Huawei ≫ Vp9660 Firmware Versionv500r002c00

Huawei ≫ Vp9660 Version-

Huawei ≫ Vp9660 Firmware Versionv500r002c10

Huawei ≫ Vp9660 Version-

Huawei ≫ Viewpoint 8660 Firmware Versionv100r008c03

Huawei ≫ Viewpoint 8660 Version-

Huawei ≫ Viewpoint 9030 Firmware Versionv100r011c02

Huawei ≫ Viewpoint 9030 Version-

Huawei ≫ Viewpoint 9030 Firmware Versionv100r011c03

Huawei ≫ Viewpoint 9030 Version-

Huawei ≫ Ecns210 Td Firmware Versionv100r004c10

Huawei ≫ Ecns210 Td Version-

Huawei ≫ Espace U1981 Firmware Versionv200r003c30

Huawei ≫ Espace U1981 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.032

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-15323

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-15323

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-15323

EUVD