Buffer Error Vulnerability in Huawei DP300, RP200, TE30, TE40, TE50, TE60 Products
CVE-2017-17314

3.7LOW

Key Information:

Vendor: McAfee
Status: Dp300, Rp200, Te30, Te40, Te50, Te60
Vendor: CVE Published:; 30 April 2018

Summary

Huawei products including the DP300, RP200, and TE series have a vulnerability that allows unauthenticated attackers to exploit invalid memory access by sending malformed SCCP messages. This issue stems from inadequate input validation, which may lead to buffer errors and result in abnormal service behavior.

Affected Version(s)

DP300, RP200, TE30, TE40, TE50, TE60 DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 30, 2018
Vulnerability Reserved
Dec 4, 2017