Memory Leak Vulnerability in Huawei Communication Products
CVE-2017-15314

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Dp300,rp200,te30,te40,te50,te60
Vendor: CVE Published:; 9 March 2018

Summary

A memory leak vulnerability exists in various Huawei communication products caused by the failure to release memory when the XML parser processes certain node failures. This flaw allows attackers to exploit the affected systems, potentially leading to memory leaks that can result in system exceptions, jeopardizing the stability and reliability of the affected devices.

Affected Version(s)

DP300,RP200,TE30,TE40,TE50,TE60 DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 9, 2018
Vulnerability Reserved
Oct 14, 2017