CVE-2017-17131

5.7MEDIUM

Key Information:

Vendor: McAfee
Status: Dp300; Rp200; Te30; Te50; Te60; Vp9660
Vendor: CVE Published:; 6 December 2017

Summary

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in system when a system manager load the key an infinite loop happens which lead to reboot the system.

Affected Version(s)

DP300; RP200; TE30; TE50; TE60; VP9660 DP300 V500R002C00

DP300; RP200; TE30; TE50; TE60; VP9660 RP200 V500R002C00

DP300; RP200; TE30; TE50; TE60; VP9660 V600R006C00

References

http://www.huawei.com/en/psirt/security-advisories/2017/h...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 6, 2017
Vulnerability Reserved
Dec 4, 2017