Search
Find a vulnerability
Search criteria
6 vulnerabilities found for AR3200 by Huawei Technologies Co., Ltd.
CVE-2017-15344 (GCVE-0-2017-15344)
Vulnerability from nvd – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:50
VLAI
Summary
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot.
Severity
No CVSS data available.
CWE
- integer overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR3200 |
Affected:
V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30
|
Date Public
2017-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR3200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
],
"datePublic": "2017-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T15:57:02.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR3200",
"version": {
"version_data": [
{
"version_value": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15344",
"datePublished": "2018-02-15T16:00:00.000Z",
"dateReserved": "2017-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15343 (GCVE-0-2017-15343)
Vulnerability from nvd – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:50
VLAI
Summary
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot.
Severity
No CVSS data available.
CWE
- integer overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR3200 |
Affected:
V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30
|
Date Public
2017-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR3200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
],
"datePublic": "2017-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T15:57:02.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR3200",
"version": {
"version_data": [
{
"version_value": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15343",
"datePublished": "2018-02-15T16:00:00.000Z",
"dateReserved": "2017-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15317 (GCVE-0-2017-15317)
Vulnerability from nvd – Published: 2017-12-22 17:00 – Updated: 2024-09-17 03:23
VLAI
Summary
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart.
Severity
No CVSS data available.
CWE
- Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR1200 |
Affected:
V200R006C10
Affected: V200R006C13 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR1200-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR150 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR150-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR160 |
Affected:
V200R006C10
Affected: V200R006C12 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR200 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C01 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR200-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR2200 |
Affected:
V200R006C10
Affected: V200R006C13 Affected: V200R006C16 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR2200-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR3200 |
Affected:
V200R006C10
Affected: V200R006C11 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR510 |
Affected:
V200R006C10
Affected: V200R006C12 Affected: V200R006C13 Affected: V200R006C15 Affected: V200R006C16 Affected: V200R006C17 Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | SRG1300 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | SRG2300 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | SRG3300 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
Date Public
2017-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR1200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C13"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR1200-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR150",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR150-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR160",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C12"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR200-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR2200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C13"
},
{
"status": "affected",
"version": "V200R006C16"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR2200-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR3200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C11"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR510",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C12"
},
{
"status": "affected",
"version": "V200R006C13"
},
{
"status": "affected",
"version": "V200R006C15"
},
{
"status": "affected",
"version": "V200R006C16"
},
{
"status": "affected",
"version": "V200R006C17"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "SRG1300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "SRG2300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "SRG3300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
}
],
"datePublic": "2017-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-22T16:57:01.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-12-06T00:00:00",
"ID": "CVE-2017-15317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR1200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C13"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR1200-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR150",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR150-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR160",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C12"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR200-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR2200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C13"
},
{
"version_value": "V200R006C16"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR2200-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR3200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C11"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR510",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C12"
},
{
"version_value": "V200R006C13"
},
{
"version_value": "V200R006C15"
},
{
"version_value": "V200R006C16"
},
{
"version_value": "V200R006C17"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "SRG1300",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "SRG2300",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "SRG3300",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15317",
"datePublished": "2017-12-22T17:00:00.000Z",
"dateReserved": "2017-10-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:23:23.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15343 (GCVE-0-2017-15343)
Vulnerability from cvelistv5 – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:50
VLAI
Summary
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot.
Severity
No CVSS data available.
CWE
- integer overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR3200 |
Affected:
V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30
|
Date Public
2017-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR3200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
],
"datePublic": "2017-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T15:57:02.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15343",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR3200",
"version": {
"version_data": [
{
"version_value": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15343",
"datePublished": "2018-02-15T16:00:00.000Z",
"dateReserved": "2017-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15344 (GCVE-0-2017-15344)
Vulnerability from cvelistv5 – Published: 2018-02-15 16:00 – Updated: 2024-08-05 19:50
VLAI
Summary
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot.
Severity
No CVSS data available.
CWE
- integer overflow
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR3200 |
Affected:
V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30
|
Date Public
2017-11-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR3200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
],
"datePublic": "2017-11-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "integer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-15T15:57:02.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15344",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR3200",
"version": {
"version_data": [
{
"version_value": "V200R006C10,V200R006C11,V200R007C00,V200R007C01,V200R007C02,V200R008C00,V200R008C10,V200R008C20,V200R008C30"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "integer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15344",
"datePublished": "2018-02-15T16:00:00.000Z",
"dateReserved": "2017-10-14T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15317 (GCVE-0-2017-15317)
Vulnerability from cvelistv5 – Published: 2017-12-22 17:00 – Updated: 2024-09-17 03:23
VLAI
Summary
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart.
Severity
No CVSS data available.
CWE
- Input Validation
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://www.huawei.com/en/psirt/security-advisorie… | x_refsource_CONFIRM |
Impacted products
15 products
| Vendor | Product | Version | |
|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR1200 |
Affected:
V200R006C10
Affected: V200R006C13 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR1200-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR150 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR150-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR160 |
Affected:
V200R006C10
Affected: V200R006C12 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR200 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C01 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR200-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR2200 |
Affected:
V200R006C10
Affected: V200R006C13 Affected: V200R006C16 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR2200-S |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR3200 |
Affected:
V200R006C10
Affected: V200R006C11 Affected: V200R007C00 Affected: V200R007C01 Affected: V200R007C02 Affected: V200R008C00 Affected: V200R008C10 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | AR510 |
Affected:
V200R006C10
Affected: V200R006C12 Affected: V200R006C13 Affected: V200R006C15 Affected: V200R006C16 Affected: V200R006C17 Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | SRG1300 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | SRG2300 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R007C02 Affected: V200R008C20 Affected: V200R008C30 |
|
| Huawei Technologies Co., Ltd. | SRG3300 |
Affected:
V200R006C10
Affected: V200R007C00 Affected: V200R008C20 Affected: V200R008C30 |
Date Public
2017-12-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.498Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR1200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C13"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR1200-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR150",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR150-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR160",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C12"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR200-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR2200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C13"
},
{
"status": "affected",
"version": "V200R006C16"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR2200-S",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR3200",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C11"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R008C10"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "AR510",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R006C12"
},
{
"status": "affected",
"version": "V200R006C13"
},
{
"status": "affected",
"version": "V200R006C15"
},
{
"status": "affected",
"version": "V200R006C16"
},
{
"status": "affected",
"version": "V200R006C17"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "SRG1300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "SRG2300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C02"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
},
{
"product": "SRG3300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R008C20"
},
{
"status": "affected",
"version": "V200R008C30"
}
]
}
],
"datePublic": "2017-12-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Input Validation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-22T16:57:01.000Z",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-12-06T00:00:00",
"ID": "CVE-2017-15317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR1200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C13"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR1200-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR150",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR150-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR160",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C12"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR200-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR2200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C13"
},
{
"version_value": "V200R006C16"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR2200-S",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR3200",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C11"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C10"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "AR510",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R006C12"
},
{
"version_value": "V200R006C13"
},
{
"version_value": "V200R006C15"
},
{
"version_value": "V200R006C16"
},
{
"version_value": "V200R006C17"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "SRG1300",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "SRG2300",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C02"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
},
{
"product_name": "SRG3300",
"version": {
"version_data": [
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C20"
},
{
"version_value": "V200R008C30"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15317",
"datePublished": "2017-12-22T17:00:00.000Z",
"dateReserved": "2017-10-14T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:23:23.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}