CVE-2017-17134

5.5MEDIUM

Key Information:

Vendor: McAfee
Status: Dp300; Rp200; Te30; Te40; Te50; Te60
Vendor: CVE Published:; 5 March 2018

Summary

XML parser in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has a DoS vulnerability. Due to not check the specially XML file enough an authenticated local attacker may craft specific XML files to the affected products and parse this file which cause to null pointer accessing and result in DoS attacks.

Affected Version(s)

DP300; RP200; TE30; TE40; TE50; TE60 DP300 V500R002C00

DP300; RP200; TE30; TE40; TE50; TE60 RP200 V500R002C00SPC200

DP300; RP200; TE30; TE40; TE50; TE60 V600R006C00

References

http://www.huawei.com/en/psirt/security-advisories/2017/h...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 5, 2018
Vulnerability Reserved
Dec 4, 2017