Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P
Vendors Products
Huawei
  • Cloudengine 5800 Firmware
  • Cloudengine 12800
  • Cloudengine 6800 Firmware
  • Cloudengine 6800
  • Cloudengine 7800
  • Cloudengine 12800 Firmware
  • Cloudengine 7800 Firmware
  • Cloudengine 5800

Configuration 1 [-]

AND
OR cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
OR cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
OR cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*
References
Link Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2018-02-15T16:00:00

Updated: 2018-02-15T15:57:02

Reserved: 2017-10-14T00:00:00

Link: CVE-2017-15349

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2018-02-15T16:29:01.203

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-15349

JSON object: View

cve-icon Redhat Information

No data.

CWE