5.3

CVE-2017-17315

Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.

Data is provided by the National Vulnerability Database (NVD)
HuaweiDp300 Firmware Versionv500r002c00
   HuaweiDp300 Version-
HuaweiRp200 Firmware Versionv600r006c00
   HuaweiRp200 Version-
HuaweiTe30 Firmware Versionv100r001c10
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv500r002c00
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv600r006c00
   HuaweiTe30 Version-
HuaweiTe40 Firmware Versionv500r002c00
   HuaweiTe40 Version-
HuaweiTe40 Firmware Versionv600r006c00
   HuaweiTe40 Version-
HuaweiTe50 Firmware Versionv500r002c00
   HuaweiTe50 Version-
HuaweiTe50 Firmware Versionv600r006c00
   HuaweiTe50 Version-
HuaweiTe60 Firmware Versionv100r001c10
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv500r002c00
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv600r006c00
   HuaweiTe60 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.326
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.