CVE-2017-17164 - OpenCVE

Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Huawei	Secospace Antiddos8000 Firmware Secospace Antiddos8000

Configuration 1 [-]

AND

cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20spc500:*:*:*:*:*:*:*

cpe:2.3:h:huawei:secospace_antiddos8000:-:*:*:*:*:*:*:*

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-antidos-en	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: huawei

Published: 2018-02-15T16:00:00

Updated: 2018-02-15T15:57:02

Reserved: 2017-12-04T00:00:00

Link: CVE-2017-17164

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-02-15T16:29:02.203

Modified: 2019-10-03T00:03:26.223

Link: CVE-2017-17164

JSON object: View

Redhat Information

No data.

CWE

CWE-772

{"containers": {"cna": {"affected": [{"product": "Secospace AntiDDoS8000", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "V500R001C20SPC500"}]}], "datePublic": "2017-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."}], "problemTypes": [{"descriptions": [{"description": "memory leak", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-02-15T15:57:02", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-antidos-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2017-17164", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Secospace AntiDDoS8000", "version": {"version_data": [{"version_value": "V500R001C20SPC500"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "memory leak"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-antidos-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-antidos-en"}]}}}}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-17164", "datePublished": "2018-02-15T16:00:00", "dateReserved": "2017-12-04T00:00:00", "dateUpdated": "2018-02-15T15:57:02", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_antiddos8000_firmware:v500r001c20spc500:*:*:*:*:*:*:*", "matchCriteriaId": "2B2E6F99-BCED-41D3-A0CF-0960231A6681", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_antiddos8000:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EE75ACF-D29C-4846-932D-FB9C84E1D35F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Huawei Secospace AntiDDoS8000 V500R001C20SPC500 have a memory leak vulnerability due to memory don't be released when the system open some function. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."}, {"lang": "es", "value": "Huawei Secospace AntiDDoS8000 V500R001C20SPC500 tiene una vulnerabilidad de fuga de memoria debido a que la memoria no se libera cuando el sistema abre algunas funciones. Un atacante podr\u00eda aprovecharse de esto para provocar una fuga de memoria, lo que podr\u00eda conducir a excepciones del sistema."}], "id": "CVE-2017-17164", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-02-15T16:29:02.203", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-antidos-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-772"}], "source": "nvd@nist.gov", "type": "Primary"}]}