CVE-2017-2690

EPSS 0.02%
Published 22.11.2017 19:29:00
Last modified 20.04.2025 01:37:25
Source psirt@huawei.com
Teams watchlist Login
Open Login

SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition.

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Huawei ≫ Softco Firmware Versionv200r003c20

Huawei ≫ Softco Version-

Huawei ≫ Espace U1910 Firmware Versionv200r003c00

Huawei ≫ Espace U1910 Version-

Huawei ≫ Espace U1910 Firmware Versionv200r003c20

Huawei ≫ Espace U1910 Version-

Huawei ≫ Espace U1910 Firmware Versionv200r003c30

Huawei ≫ Espace U1910 Version-

Huawei ≫ Espace U1911 Firmware Versionv200r003c20

Huawei ≫ Espace U1911 Version-

Huawei ≫ Espace U1911 Firmware Versionv200r003c30

Huawei ≫ Espace U1911 Version-

Huawei ≫ Espace U1930 Firmware Versionv200r003c20

Huawei ≫ Espace U1930 Version-

Huawei ≫ Espace U1930 Firmware Versionv200r003c30

Huawei ≫ Espace U1930 Version-

Huawei ≫ Espace U1960 Firmware Versionv200r003c20

Huawei ≫ Espace U1960 Version-

Huawei ≫ Espace U1960 Firmware Versionv200r003c30

Huawei ≫ Espace U1960 Version-

Huawei ≫ Espace U1980 Firmware Versionv200r003c20

Huawei ≫ Espace U1980 Version-

Huawei ≫ Espace U1980 Firmware Versionv200r003c30

Huawei ≫ Espace U1980 Version-

Huawei ≫ Espace U1981 Firmware Versionv200r003c20

Huawei ≫ Espace U1981 Version-

Huawei ≫ Espace U1981 Firmware Versionv200r003c30

Huawei ≫ Espace U1981 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.02%	0.038

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.9	3.9	6.9	AV:L/AC:L/Au:N/C:N/I:N/A:C

CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170111-01-parser-en

Vendor Advisory

http://www.securityfocus.com/bid/95382

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-2690

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-2690

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-2690

EUVD