Out-of-Bounds Read Vulnerability in Huawei DP300 and Others
CVE-2017-17218

5.3MEDIUM

Key Information:

Vendor: Huawei
Status: Dp300 Firmware
Vendor: CVE Published:; 9 March 2018

Summary

The SCCPX module in multiple Huawei products is susceptible to an out-of-bounds read vulnerability, allowing unauthenticated remote attackers to exploit the flaw by sending specially crafted packets. This vulnerability arises from inadequate validation of incoming packets, which may lead to potential service disruption and impact the availability of affected devices.

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 9, 2018
Vulnerability Reserved
Dec 4, 2017