Uncontrolled Format String Vulnerability in Huawei VP9660 License Module
CVE-2017-17132

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Vp9660
Vendor: CVE Published:; 5 March 2018

Summary

The Huawei VP9660 V500R002C10 is susceptible to an uncontrolled format string vulnerability within its license module. This flaw allows an authenticated local attacker to manipulate log output, potentially resulting in denial of service conditions. Exploiting this vulnerability could disrupt operations and affect the stability of the device. It is crucial for users to implement the recommended security patches and updates to safeguard their systems.

Affected Version(s)

VP9660 V500R002C10

References

http://www.huawei.com/en/psirt/security-advisories/2017/h...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 5, 2018
Vulnerability Reserved
Dec 4, 2017