DoS Vulnerability in SIP Module of Huawei DP300 and Other Products
CVE-2017-17144

5.3MEDIUM

Key Information:

Vendor: McAfee
Status: Dp300; Rp200; Rse6500; Te30; Te40; Te50; Te60; Tp3106; Tp3206; VieWPoint 9030; Espace U1960; Espace U1981
Vendor: CVE Published:; 5 March 2018

Summary

The SIP module in various Huawei products, including the DP300, exhibits a buffer overflow vulnerability when processing a specific amount of state data. This flaw prevents the SIP module from functioning correctly, leading to a Denial of Service (DoS) condition. An attacker could exploit this issue to disrupt the operation of affected devices, impacting their availability and performance.

Affected Version(s)

DP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; eSpace U1960; eSpace U1981 DP300 V500R002C00

DP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; eSpace U1960; eSpace U1981 V500R002C00SPC100

DP300; RP200; RSE6500; TE30; TE40; TE50; TE60; TP3106; TP3206; ViewPoint 9030; eSpace U1960; eSpace U1981 V500R002C00SPC200

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 5, 2018
Vulnerability Reserved
Dec 4, 2017