Out-of-Bounds Read Vulnerability in Huawei Media Gateway Control Protocol
CVE-2017-17216

5.9MEDIUM

Key Information:

Vendor: McAfee
Status: Dp300; Rp200; Te30; Te40; Te50; Te60
Vendor: CVE Published:; 9 March 2018

Summary

The Media Gateway Control Protocol (MGCP) in various Huawei products is susceptible to an out-of-bounds read vulnerability. This issue allows unauthenticated remote attackers to send specially crafted packets to the affected products. Insufficient packet validation can result in unintended process reboots, potentially disrupting services.

Affected Version(s)

DP300; RP200; TE30; TE40; TE50; TE60 DP300 V500R002C00

DP300; RP200; TE30; TE40; TE50; TE60 RP200 V500R002C00SPC200

DP300; RP200; TE30; TE40; TE50; TE60 V600R006C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 9, 2018
Vulnerability Reserved
Dec 4, 2017