7.5

CVE-2017-15349

EPSS 0.17%
Veröffentlicht 15.02.2018 16:29:01
Zuletzt bearbeitet 21.11.2024 03:14:31
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 7800 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.17%	0.355

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-772 Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-15349

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-15349

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-15349

EUVD