CVE-2017-15353 - OpenCVE

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Tx50 Firmware Viewpoint 8660 Firmware Viewpoint 8660 Te60 Firmware Rp200 Firmware Te30 Tx50 Dp300 Te50 Firmware Rse6500 Viewpoint 9030 Firmware Te40 Firmware Dp300 Firmware Vp9660 Viewpoint 9030 Te40 Te50 Te60 Rse6500 Firmware Vp9660 Firmware Rp200 Te30 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

OR	cpe:2.3:o:huawei:rp200_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:rp200_firmware:v600r006c00:::::::*

cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

OR	cpe:2.3:o:huawei:te30_firmware:v100r001c02:::::::*
	cpe:2.3:o:huawei:te30_firmware:v100r001c10:::::::*
	cpe:2.3:o:huawei:te30_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:te30_firmware:v600r006c00:::::::*

cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

OR	cpe:2.3:o:huawei:te40_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:te40_firmware:v600r006c00:::::::*

cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

OR	cpe:2.3:o:huawei:te50_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:te50_firmware:v600r006c00:::::::*

cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

OR	cpe:2.3:o:huawei:te60_firmware:v100r001c01:::::::*
	cpe:2.3:o:huawei:te60_firmware:v100r001c10:::::::*
	cpe:2.3:o:huawei:te60_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:te60_firmware:v600r006c00:::::::*

cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

OR	cpe:2.3:o:huawei:tx50_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:tx50_firmware:v600r006c00:::::::*

cpe:2.3:h:huawei:tx50:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*

cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

OR	cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:::::::*
	cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:::::::*

cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

OR	cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:::::::*
	cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:::::::*

cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2018-02-15T16:00:00

Updated: 2018-02-15T15:57:02

Reserved: 2017-10-14T00:00:00

Link: CVE-2017-15353

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-02-15T16:29:01.407

Modified: 2018-02-22T17:00:58.000

Link: CVE-2017-15353

JSON object: View

Redhat Information

No data.

CWE

CWE-125