Out-of-Bounds Read Vulnerability in H323 Protocol for Huawei Products
CVE-2017-8200

6.5MEDIUM

Key Information:

Vendor: McAfee
Status: Max Presence,tp3106,tp3206
Vendor: CVE Published:; 22 November 2017

Summary

The affected Huawei products feature an out-of-bounds read vulnerability within the H323 protocol. This issue arises when an attacker gains access to the system as an authorized user and sends crafted packets to the affected devices. Due to inadequate verification of these packets, the exploitation can lead to unintentional reboots of essential processes.

Affected Version(s)

MAX PRESENCE,TP3106,TP3206 V100R001C00,V100R002C00,V100R002C00

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/101948

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 22, 2017
Vulnerability Reserved
Apr 25, 2017