CVE-2017-15353

EPSS 0.18%
Published 15.02.2018 16:29:01
Last modified 21.11.2024 03:14:31
Source psirt@huawei.com
Teams watchlist Login
Open Login

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Dp300 Firmware Versionv500r002c00

Huawei ≫ Dp300 Version-

Huawei ≫ Rp200 Firmware Versionv500r002c00

Huawei ≫ Rp200 Version-

Huawei ≫ Rp200 Firmware Versionv600r006c00

Huawei ≫ Rp200 Version-

Huawei ≫ Rse6500 Firmware Versionv500r002c00

Huawei ≫ Rse6500 Version-

Huawei ≫ Te30 Firmware Versionv100r001c02

Huawei ≫ Te30 Version-

Huawei ≫ Te30 Firmware Versionv100r001c10

Huawei ≫ Te30 Version-

Huawei ≫ Te30 Firmware Versionv500r002c00

Huawei ≫ Te30 Version-

Huawei ≫ Te30 Firmware Versionv600r006c00

Huawei ≫ Te30 Version-

Huawei ≫ Te40 Firmware Versionv500r002c00

Huawei ≫ Te40 Version-

Huawei ≫ Te40 Firmware Versionv600r006c00

Huawei ≫ Te40 Version-

Huawei ≫ Te50 Firmware Versionv500r002c00

Huawei ≫ Te50 Version-

Huawei ≫ Te50 Firmware Versionv600r006c00

Huawei ≫ Te50 Version-

Huawei ≫ Te60 Firmware Versionv100r001c01

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv100r001c10

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv500r002c00

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv600r006c00

Huawei ≫ Te60 Version-

Huawei ≫ Tx50 Firmware Versionv500r002c00

Huawei ≫ Tx50 Version-

Huawei ≫ Tx50 Firmware Versionv600r006c00

Huawei ≫ Tx50 Version-

Huawei ≫ Viewpoint 8660 Firmware Versionv100r008c03

Huawei ≫ Viewpoint 8660 Version-

Huawei ≫ Vp9660 Firmware Versionv500r002c00

Huawei ≫ Vp9660 Version-

Huawei ≫ Vp9660 Firmware Versionv500r002c10

Huawei ≫ Vp9660 Version-

Huawei ≫ Viewpoint 9030 Firmware Versionv100r011c02

Huawei ≫ Viewpoint 9030 Version-

Huawei ≫ Viewpoint 9030 Firmware Versionv100r011c03

Huawei ≫ Viewpoint 9030 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.18%	0.359

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	3.7	2.2	1.4	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-15353

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-15353

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-15353

EUVD