Search criteria
130 vulnerabilities found for rp200_firmware by huawei
CVE-2019-19414 (GCVE-0-2019-19414)
Vulnerability from nvd – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19414",
"datePublished": "2020-01-21T22:54:32",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19413 (GCVE-0-2019-19413)
Vulnerability from nvd – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19413",
"datePublished": "2020-01-21T22:54:22",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17317 (GCVE-0-2017-17317)
Vulnerability from nvd – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60 |
Affected:
USG6300 V100R001C10
Affected: V100R001C20 Affected: V100R001C30 Affected: V500R001C00 Affected: V500R001C20 Affected: V500R001C30 Affected: V500R001C50 Affected: Secospace USG6500 V100R001C10 Affected: Secospace USG6600 V100R001C00 Affected: TE30 V100R001C02 Affected: V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "USG6300 V100R001C10"
},
{
"status": "affected",
"version": "V100R001C20"
},
{
"status": "affected",
"version": "V100R001C30"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "Secospace USG6500 V100R001C10"
},
{
"status": "affected",
"version": "Secospace USG6600 V100R001C00"
},
{
"status": "affected",
"version": "TE30 V100R001C02"
},
{
"status": "affected",
"version": "V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C01"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "USG6300 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6500 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6600 V100R001C00"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "TE30 V100R001C02"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C01"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17317",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17316 (GCVE-0-2017-17316)
Vulnerability from nvd – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17316",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:31.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17315 (GCVE-0-2017-17315)
Vulnerability from nvd – Published: 2018-05-24 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- numeric errors
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "numeric errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-24T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "numeric errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17315",
"datePublished": "2018-05-24T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17314 (GCVE-0-2017-17314)
Vulnerability from nvd – Published: 2018-04-30 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-30T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17314",
"datePublished": "2018-04-30T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17310 (GCVE-0-2017-17310)
Vulnerability from nvd – Published: 2018-04-19 14:00 – Updated: 2024-09-16 23:41
VLAI?
Summary
Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-19T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2018-04-18T00:00:00",
"ID": "CVE-2017-17310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17310",
"datePublished": "2018-04-19T14:00:00Z",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-09-16T23:41:48.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17308 (GCVE-0-2017-17308)
Vulnerability from nvd – Published: 2018-04-11 17:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-11T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17308",
"datePublished": "2018-04-11T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17282 (GCVE-0-2017-17282)
Vulnerability from nvd – Published: 2018-03-09 21:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17282",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15314 (GCVE-0-2017-15314)
Vulnerability from nvd – Published: 2018-03-09 21:00 – Updated: 2024-08-05 19:50
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300,RP200,TE30,TE40,TE50,TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300,RP200,TE30,TE40,TE50,TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2017-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300,RP200,TE30,TE40,TE50,TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15314",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-10-14T00:00:00",
"dateUpdated": "2024-08-05T19:50:16.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17303 (GCVE-0-2017-17303)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure.
Severity ?
No CVSS data available.
CWE
- information disclosure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: V500R002C00B010 Affected: V500R002C00B011 Affected: V500R002C00B012 Affected: V500R002C00B013 Affected: V500R002C00B014 Affected: V500R002C00B017 Affected: V500R002C00B018 Affected: V500R002C00SPC100 Affected: V500R002C00SPC200 Affected: V500R002C00SPC300 Affected: V500R002C00SPC400 Affected: V500R002C00SPC500 Affected: V500R002C00SPC600 Affected: V500R002C00SPC800 Affected: V500R002C00SPC900 Affected: V500R002C00SPCa00 Affected: RP200 V500R002C00SPC200 Affected: V600R006C00 Affected: V600R006C00SPC200 Affected: V600R006C00SPC300 Affected: TE30 V100R001C10SPC300 Affected: V100R001C10SPC500 Affected: V100R001C10SPC600 Affected: V100R001C10SPC700B010 Affected: V500R002C00SPC700 Affected: V500R002C00SPCb00 Affected: TE40 V500R002C00SPC600 Affected: TE50 V500R002C00SPC600 Affected: TE60 V100R001C10 Affected: V100R001C10B001 Affected: V100R001C10B002 Affected: V100R001C10B010 Affected: V100R001C10B011 Affected: V100R001C10B012 Affected: V100R001C10B013 Affected: V100R001C10B014 Affected: V100R001C10B016 Affected: V100R001C10B017 Affected: V100R001C10B018 Affected: V100R001C10B019 Affected: V100R001C10SPC400 Affected: V100R001C10SPC700 Affected: V100R001C10SPC800B011 Affected: V100R001C10SPC900 Affected: V500R002C00 Affected: V500R002C00SPCd00 Affected: V500R002C00SPCe00 Affected: V600R006C00SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00B010"
},
{
"status": "affected",
"version": "V500R002C00B011"
},
{
"status": "affected",
"version": "V500R002C00B012"
},
{
"status": "affected",
"version": "V500R002C00B013"
},
{
"status": "affected",
"version": "V500R002C00B014"
},
{
"status": "affected",
"version": "V500R002C00B017"
},
{
"status": "affected",
"version": "V500R002C00B018"
},
{
"status": "affected",
"version": "V500R002C00SPC100"
},
{
"status": "affected",
"version": "V500R002C00SPC200"
},
{
"status": "affected",
"version": "V500R002C00SPC300"
},
{
"status": "affected",
"version": "V500R002C00SPC400"
},
{
"status": "affected",
"version": "V500R002C00SPC500"
},
{
"status": "affected",
"version": "V500R002C00SPC600"
},
{
"status": "affected",
"version": "V500R002C00SPC800"
},
{
"status": "affected",
"version": "V500R002C00SPC900"
},
{
"status": "affected",
"version": "V500R002C00SPCa00"
},
{
"status": "affected",
"version": "RP200 V500R002C00SPC200"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00SPC200"
},
{
"status": "affected",
"version": "V600R006C00SPC300"
},
{
"status": "affected",
"version": "TE30 V100R001C10SPC300"
},
{
"status": "affected",
"version": "V100R001C10SPC500"
},
{
"status": "affected",
"version": "V100R001C10SPC600"
},
{
"status": "affected",
"version": "V100R001C10SPC700B010"
},
{
"status": "affected",
"version": "V500R002C00SPC700"
},
{
"status": "affected",
"version": "V500R002C00SPCb00"
},
{
"status": "affected",
"version": "TE40 V500R002C00SPC600"
},
{
"status": "affected",
"version": "TE50 V500R002C00SPC600"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
},
{
"status": "affected",
"version": "V100R001C10B001"
},
{
"status": "affected",
"version": "V100R001C10B002"
},
{
"status": "affected",
"version": "V100R001C10B010"
},
{
"status": "affected",
"version": "V100R001C10B011"
},
{
"status": "affected",
"version": "V100R001C10B012"
},
{
"status": "affected",
"version": "V100R001C10B013"
},
{
"status": "affected",
"version": "V100R001C10B014"
},
{
"status": "affected",
"version": "V100R001C10B016"
},
{
"status": "affected",
"version": "V100R001C10B017"
},
{
"status": "affected",
"version": "V100R001C10B018"
},
{
"status": "affected",
"version": "V100R001C10B019"
},
{
"status": "affected",
"version": "V100R001C10SPC400"
},
{
"status": "affected",
"version": "V100R001C10SPC700"
},
{
"status": "affected",
"version": "V100R001C10SPC800B011"
},
{
"status": "affected",
"version": "V100R001C10SPC900"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPCd00"
},
{
"status": "affected",
"version": "V500R002C00SPCe00"
},
{
"status": "affected",
"version": "V600R006C00SPC100"
}
]
}
],
"datePublic": "2017-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "information disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "V500R002C00B010"
},
{
"version_value": "V500R002C00B011"
},
{
"version_value": "V500R002C00B012"
},
{
"version_value": "V500R002C00B013"
},
{
"version_value": "V500R002C00B014"
},
{
"version_value": "V500R002C00B017"
},
{
"version_value": "V500R002C00B018"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C00SPC400"
},
{
"version_value": "V500R002C00SPC500"
},
{
"version_value": "V500R002C00SPC600"
},
{
"version_value": "V500R002C00SPC800"
},
{
"version_value": "V500R002C00SPC900"
},
{
"version_value": "V500R002C00SPCa00"
},
{
"version_value": "RP200 V500R002C00SPC200"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00SPC200"
},
{
"version_value": "V600R006C00SPC300"
},
{
"version_value": "TE30 V100R001C10SPC300"
},
{
"version_value": "V100R001C10SPC500"
},
{
"version_value": "V100R001C10SPC600"
},
{
"version_value": "V100R001C10SPC700B010"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC500"
},
{
"version_value": "V500R002C00SPC600"
},
{
"version_value": "V500R002C00SPC700"
},
{
"version_value": "V500R002C00SPC900"
},
{
"version_value": "V500R002C00SPCb00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00SPC200"
},
{
"version_value": "V600R006C00SPC300"
},
{
"version_value": "TE40 V500R002C00SPC600"
},
{
"version_value": "V500R002C00SPC700"
},
{
"version_value": "V500R002C00SPC900"
},
{
"version_value": "V500R002C00SPCb00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00SPC200"
},
{
"version_value": "V600R006C00SPC300"
},
{
"version_value": "TE50 V500R002C00SPC600"
},
{
"version_value": "V500R002C00SPC700"
},
{
"version_value": "V500R002C00SPCb00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00SPC200"
},
{
"version_value": "V600R006C00SPC300"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V100R001C10B001"
},
{
"version_value": "V100R001C10B002"
},
{
"version_value": "V100R001C10B010"
},
{
"version_value": "V100R001C10B011"
},
{
"version_value": "V100R001C10B012"
},
{
"version_value": "V100R001C10B013"
},
{
"version_value": "V100R001C10B014"
},
{
"version_value": "V100R001C10B016"
},
{
"version_value": "V100R001C10B017"
},
{
"version_value": "V100R001C10B018"
},
{
"version_value": "V100R001C10B019"
},
{
"version_value": "V100R001C10SPC400"
},
{
"version_value": "V100R001C10SPC500"
},
{
"version_value": "V100R001C10SPC600"
},
{
"version_value": "V100R001C10SPC700"
},
{
"version_value": "V100R001C10SPC800B011"
},
{
"version_value": "V100R001C10SPC900"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00B010"
},
{
"version_value": "V500R002C00B011"
},
{
"version_value": "V500R002C00SPC100"
},
{
"version_value": "V500R002C00SPC200"
},
{
"version_value": "V500R002C00SPC300"
},
{
"version_value": "V500R002C00SPC600"
},
{
"version_value": "V500R002C00SPC700"
},
{
"version_value": "V500R002C00SPC800"
},
{
"version_value": "V500R002C00SPC900"
},
{
"version_value": "V500R002C00SPCa00"
},
{
"version_value": "V500R002C00SPCb00"
},
{
"version_value": "V500R002C00SPCd00"
},
{
"version_value": "V500R002C00SPCe00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00SPC100"
},
{
"version_value": "V600R006C00SPC200"
},
{
"version_value": "V600R006C00SPC300"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "information disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17303",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17281 (GCVE-0-2017-17281)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.868Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-02-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17281",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17281",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.868Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17220 (GCVE-0-2017-17220)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17220",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17219 (GCVE-0-2017-17219)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17219",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17218 (GCVE-0-2017-17218)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17218",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17217 (GCVE-0-2017-17217)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
Severity ?
No CVSS data available.
CWE
- out-of-bounds write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00SPC200 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.034Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00SPC200"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00SPC200"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17217",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.034Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17216 (GCVE-0-2017-17216)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00SPC200 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.854Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00SPC200"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17216",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00SPC200"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17216",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.854Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17200 (GCVE-0-2017-17200)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.891Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17200",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17200",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.891Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17199 (GCVE-0-2017-17199)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17199",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17150 (GCVE-0-2017-17150)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack.
Severity ?
No CVSS data available.
CWE
- DoS
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2017-12-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17150",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19414 (GCVE-0-2019-19414)
Vulnerability from cvelistv5 – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.054Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:32",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19414",
"datePublished": "2020-01-21T22:54:32",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19413 (GCVE-0-2019-19413)
Vulnerability from cvelistv5 – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
Severity ?
No CVSS data available.
CWE
- Two Integer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 |
Affected:
V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800 Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50 Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50 Affected: V100R003C00,V100R004C10 Affected: V500R002C00 Affected: V500R002C00SPC200,V600R006C00 Affected: V100R001C10,V600R006C00 Affected: V600R006C00 Affected: V100R001C10,V500R002C00,V600R006C00 Affected: unspecified |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.085Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"status": "affected",
"version": "V100R003C00,V100R004C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V500R002C00SPC200,V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V600R006C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "V100R001C10,V500R002C00,V600R006C00"
},
{
"status": "affected",
"version": "unspecified"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Two Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-21T22:54:22",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
"version": {
"version_data": [
{
"version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
},
{
"version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
},
{
"version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
},
{
"version_value": "V100R003C00,V100R004C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V500R002C00SPC200,V600R006C00"
},
{
"version_value": "V100R001C10,V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "V100R001C10,V500R002C00,V600R006C00"
},
{
"version_value": ""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Two Integer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19413",
"datePublished": "2020-01-21T22:54:22",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.085Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17317 (GCVE-0-2017-17317)
Vulnerability from cvelistv5 – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60 |
Affected:
USG6300 V100R001C10
Affected: V100R001C20 Affected: V100R001C30 Affected: V500R001C00 Affected: V500R001C20 Affected: V500R001C30 Affected: V500R001C50 Affected: Secospace USG6500 V100R001C10 Affected: Secospace USG6600 V100R001C00 Affected: TE30 V100R001C02 Affected: V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "USG6300 V100R001C10"
},
{
"status": "affected",
"version": "V100R001C20"
},
{
"status": "affected",
"version": "V100R001C30"
},
{
"status": "affected",
"version": "V500R001C00"
},
{
"status": "affected",
"version": "V500R001C20"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C50"
},
{
"status": "affected",
"version": "Secospace USG6500 V100R001C10"
},
{
"status": "affected",
"version": "Secospace USG6600 V100R001C00"
},
{
"status": "affected",
"version": "TE30 V100R001C02"
},
{
"status": "affected",
"version": "V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C01"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17317",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "USG6300 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6500 V100R001C10"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "Secospace USG6600 V100R001C00"
},
{
"version_value": "V100R001C20"
},
{
"version_value": "V100R001C30"
},
{
"version_value": "V500R001C00"
},
{
"version_value": "V500R001C20"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C50"
},
{
"version_value": "TE30 V100R001C02"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C01"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17317",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.748Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17316 (GCVE-0-2017-17316)
Vulnerability from cvelistv5 – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
Severity ?
No CVSS data available.
CWE
- out-of-bounds read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:31.142Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-06-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-02T12:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17316",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17316",
"datePublished": "2018-07-02T13:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:31.142Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17315 (GCVE-0-2017-17315)
Vulnerability from cvelistv5 – Published: 2018-05-24 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- numeric errors
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; RP200; TE30; TE40; TE50; TE60 |
Affected:
DP300 V500R002C00
Affected: RP200 V600R006C00 Affected: TE30 V100R001C10 Affected: V500R002C00 Affected: V600R006C00 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C10 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.557Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; RP200; TE30; TE40; TE50; TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "RP200 V600R006C00"
},
{
"status": "affected",
"version": "TE30 V100R001C10"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C10"
}
]
}
],
"datePublic": "2018-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "numeric errors",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-05-24T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "RP200 V600R006C00"
},
{
"version_value": "TE30 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "numeric errors"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17315",
"datePublished": "2018-05-24T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17314 (GCVE-0-2017-17314)
Vulnerability from cvelistv5 – Published: 2018-04-30 14:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-30T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17314",
"datePublished": "2018-04-30T14:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17310 (GCVE-0-2017-17310)
Vulnerability from cvelistv5 – Published: 2018-04-19 14:00 – Updated: 2024-09-16 23:41
VLAI?
Summary
Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
Severity ?
No CVSS data available.
CWE
- buffer error
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-19T13:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2018-04-18T00:00:00",
"ID": "CVE-2017-17310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17310",
"datePublished": "2018-04-19T14:00:00Z",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-09-16T23:41:48.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17308 (GCVE-0-2017-17308)
Vulnerability from cvelistv5 – Published: 2018-04-11 17:00 – Updated: 2024-08-05 20:51
VLAI?
Summary
SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
Severity ?
No CVSS data available.
CWE
- invalid memory access
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:51:30.591Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "invalid memory access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-11T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17308",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "invalid memory access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17308",
"datePublished": "2018-04-11T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:51:30.591Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17282 (GCVE-0-2017-17282)
Vulnerability from cvelistv5 – Published: 2018-03-09 21:00 – Updated: 2024-08-05 20:44
VLAI?
Summary
SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
Severity ?
No CVSS data available.
CWE
- buffer overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300, RP200, TE30, TE40, TE50, TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:44:00.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300, RP200, TE30, TE40, TE50, TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2018-02-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "buffer overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17282",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "buffer overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17282",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:44:00.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15314 (GCVE-0-2017-15314)
Vulnerability from cvelistv5 – Published: 2018-03-09 21:00 – Updated: 2024-08-05 19:50
VLAI?
Summary
Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
Severity ?
No CVSS data available.
CWE
- Memory Leak
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300,RP200,TE30,TE40,TE50,TE60 |
Affected:
DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.500Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300,RP200,TE30,TE40,TE50,TE60",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
],
"datePublic": "2017-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T20:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-15314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300,RP200,TE30,TE40,TE50,TE60",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-15314",
"datePublished": "2018-03-09T21:00:00",
"dateReserved": "2017-10-14T00:00:00",
"dateUpdated": "2024-08-05T19:50:16.500Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}