Search

Find a vulnerability

Search criteria

    130 vulnerabilities found for rp200_firmware by huawei

    CVE-2019-19414 (GCVE-0-2019-19414)

    Vulnerability from nvd – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
    VLAI
    Summary
    There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
    Severity
    No CVSS data available.
    CWE
    • Two Integer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 Affected: V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50
    Affected: V100R003C00,V100R004C10
    Affected: V500R002C00
    Affected: V500R002C00SPC200,V600R006C00
    Affected: V100R001C10,V600R006C00
    Affected: V600R006C00
    Affected: V100R001C10,V500R002C00,V600R006C00
    Affected: unspecified
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:16:47.054Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R003C00,V100R004C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC200,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V500R002C00,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Two Integer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-21T22:54:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-19414",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R003C00,V100R004C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V500R002C00SPC200,V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V500R002C00,V600R006C00"
                              },
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Two Integer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-19414",
        "datePublished": "2020-01-21T22:54:32.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:16:47.054Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19413 (GCVE-0-2019-19413)

    Vulnerability from nvd – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
    VLAI
    Summary
    There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
    Severity
    No CVSS data available.
    CWE
    • Two Integer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 Affected: V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50
    Affected: V100R003C00,V100R004C10
    Affected: V500R002C00
    Affected: V500R002C00SPC200,V600R006C00
    Affected: V100R001C10,V600R006C00
    Affected: V600R006C00
    Affected: V100R001C10,V500R002C00,V600R006C00
    Affected: unspecified
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:16:47.085Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R003C00,V100R004C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC200,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V500R002C00,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Two Integer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-21T22:54:22.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-19413",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R003C00,V100R004C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V500R002C00SPC200,V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V500R002C00,V600R006C00"
                              },
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Two Integer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-19413",
        "datePublished": "2020-01-21T22:54:22.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:16:47.085Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17317 (GCVE-0-2017-17317)

    Vulnerability from nvd – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60 Affected: USG6300 V100R001C10
    Affected: V100R001C20
    Affected: V100R001C30
    Affected: V500R001C00
    Affected: V500R001C20
    Affected: V500R001C30
    Affected: V500R001C50
    Affected: Secospace USG6500 V100R001C10
    Affected: Secospace USG6600 V100R001C00
    Affected: TE30 V100R001C02
    Affected: V100R001C10
    Affected: V500R002C00
    Affected: V600R006C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C01
    Create a notification for this product.
    Date Public
    2018-06-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.748Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "USG6300 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V100R001C20"
                },
                {
                  "status": "affected",
                  "version": "V100R001C30"
                },
                {
                  "status": "affected",
                  "version": "V500R001C00"
                },
                {
                  "status": "affected",
                  "version": "V500R001C20"
                },
                {
                  "status": "affected",
                  "version": "V500R001C30"
                },
                {
                  "status": "affected",
                  "version": "V500R001C50"
                },
                {
                  "status": "affected",
                  "version": "Secospace USG6500 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "Secospace USG6600 V100R001C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C02"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C01"
                }
              ]
            }
          ],
          "datePublic": "2018-06-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-02T12:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17317",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "USG6300 V100R001C10"
                              },
                              {
                                "version_value": "V100R001C20"
                              },
                              {
                                "version_value": "V100R001C30"
                              },
                              {
                                "version_value": "V500R001C00"
                              },
                              {
                                "version_value": "V500R001C20"
                              },
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C50"
                              },
                              {
                                "version_value": "Secospace USG6500 V100R001C10"
                              },
                              {
                                "version_value": "V100R001C20"
                              },
                              {
                                "version_value": "V100R001C30"
                              },
                              {
                                "version_value": "V500R001C00"
                              },
                              {
                                "version_value": "V500R001C20"
                              },
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C50"
                              },
                              {
                                "version_value": "Secospace USG6600 V100R001C00"
                              },
                              {
                                "version_value": "V100R001C20"
                              },
                              {
                                "version_value": "V100R001C30"
                              },
                              {
                                "version_value": "V500R001C00"
                              },
                              {
                                "version_value": "V500R001C20"
                              },
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C50"
                              },
                              {
                                "version_value": "TE30 V100R001C02"
                              },
                              {
                                "version_value": "V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C01"
                              },
                              {
                                "version_value": "V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17317",
        "datePublished": "2018-07-02T13:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.748Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17316 (GCVE-0-2017-17316)

    Vulnerability from nvd – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-06-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:31.142Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-06-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-02T12:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17316",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17316",
        "datePublished": "2018-07-02T13:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:31.142Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17315 (GCVE-0-2017-17315)

    Vulnerability from nvd – Published: 2018-05-24 14:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • numeric errors
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: V600R006C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-05-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.557Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-05-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "numeric errors",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-24T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17315",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "numeric errors"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17315",
        "datePublished": "2018-05-24T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17314 (GCVE-0-2017-17314)

    Vulnerability from nvd – Published: 2018-04-30 14:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
    Severity
    No CVSS data available.
    CWE
    • invalid memory access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-04-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-04-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "invalid memory access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-30T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17314",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "invalid memory access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17314",
        "datePublished": "2018-04-30T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.553Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17310 (GCVE-0-2017-17310)

    Vulnerability from nvd – Published: 2018-04-19 14:00 – Updated: 2024-09-16 23:41
    VLAI
    Summary
    Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • buffer error
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-04-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.703Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-04-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer error",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-19T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2018-04-18T00:00:00",
              "ID": "CVE-2017-17310",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer error"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17310",
        "datePublished": "2018-04-19T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:41:48.428Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17308 (GCVE-0-2017-17308)

    Vulnerability from nvd – Published: 2018-04-11 17:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • invalid memory access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.591Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "invalid memory access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-11T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17308",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "invalid memory access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17308",
        "datePublished": "2018-04-11T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17282 (GCVE-0-2017-17282)

    Vulnerability from nvd – Published: 2018-03-09 21:00 – Updated: 2024-08-05 20:44
    VLAI
    Summary
    SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-02-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:44:00.050Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-02-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T20:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17282",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17282",
        "datePublished": "2018-03-09T21:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:44:00.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-15314 (GCVE-0-2017-15314)

    Vulnerability from nvd – Published: 2018-03-09 21:00 – Updated: 2024-08-05 19:50
    VLAI
    Summary
    Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
    Severity
    No CVSS data available.
    CWE
    • Memory Leak
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300,RP200,TE30,TE40,TE50,TE60 Affected: DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2017-11-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:50:16.500Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300,RP200,TE30,TE40,TE50,TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2017-11-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T20:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-15314",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300,RP200,TE30,TE40,TE50,TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Memory Leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-15314",
        "datePublished": "2018-03-09T21:00:00.000Z",
        "dateReserved": "2017-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T19:50:16.500Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17303 (GCVE-0-2017-17303)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure.
    Severity
    No CVSS data available.
    CWE
    • information disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: V500R002C00B010
    Affected: V500R002C00B011
    Affected: V500R002C00B012
    Affected: V500R002C00B013
    Affected: V500R002C00B014
    Affected: V500R002C00B017
    Affected: V500R002C00B018
    Affected: V500R002C00SPC100
    Affected: V500R002C00SPC200
    Affected: V500R002C00SPC300
    Affected: V500R002C00SPC400
    Affected: V500R002C00SPC500
    Affected: V500R002C00SPC600
    Affected: V500R002C00SPC800
    Affected: V500R002C00SPC900
    Affected: V500R002C00SPCa00
    Affected: RP200 V500R002C00SPC200
    Affected: V600R006C00
    Affected: V600R006C00SPC200
    Affected: V600R006C00SPC300
    Affected: TE30 V100R001C10SPC300
    Affected: V100R001C10SPC500
    Affected: V100R001C10SPC600
    Affected: V100R001C10SPC700B010
    Affected: V500R002C00SPC700
    Affected: V500R002C00SPCb00
    Affected: TE40 V500R002C00SPC600
    Affected: TE50 V500R002C00SPC600
    Affected: TE60 V100R001C10
    Affected: V100R001C10B001
    Affected: V100R001C10B002
    Affected: V100R001C10B010
    Affected: V100R001C10B011
    Affected: V100R001C10B012
    Affected: V100R001C10B013
    Affected: V100R001C10B014
    Affected: V100R001C10B016
    Affected: V100R001C10B017
    Affected: V100R001C10B018
    Affected: V100R001C10B019
    Affected: V100R001C10SPC400
    Affected: V100R001C10SPC700
    Affected: V100R001C10SPC800B011
    Affected: V100R001C10SPC900
    Affected: V500R002C00
    Affected: V500R002C00SPCd00
    Affected: V500R002C00SPCe00
    Affected: V600R006C00SPC100
    Create a notification for this product.
    Date Public
    2017-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.515Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B010"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B011"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B012"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B013"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B014"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B017"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00B018"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC100"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC200"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC300"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC400"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC500"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC600"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC800"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC900"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPCa00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00SPC200"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00SPC200"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00SPC300"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10SPC300"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC500"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC600"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC700B010"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC700"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPCb00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00SPC600"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00SPC600"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B001"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B002"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B010"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B011"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B012"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B013"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B014"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B016"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B017"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B018"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10B019"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC400"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC700"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC800B011"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10SPC900"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPCd00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPCe00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00SPC100"
                }
              ]
            }
          ],
          "datePublic": "2017-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "information disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17303",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "V500R002C00B010"
                              },
                              {
                                "version_value": "V500R002C00B011"
                              },
                              {
                                "version_value": "V500R002C00B012"
                              },
                              {
                                "version_value": "V500R002C00B013"
                              },
                              {
                                "version_value": "V500R002C00B014"
                              },
                              {
                                "version_value": "V500R002C00B017"
                              },
                              {
                                "version_value": "V500R002C00B018"
                              },
                              {
                                "version_value": "V500R002C00SPC100"
                              },
                              {
                                "version_value": "V500R002C00SPC200"
                              },
                              {
                                "version_value": "V500R002C00SPC300"
                              },
                              {
                                "version_value": "V500R002C00SPC400"
                              },
                              {
                                "version_value": "V500R002C00SPC500"
                              },
                              {
                                "version_value": "V500R002C00SPC600"
                              },
                              {
                                "version_value": "V500R002C00SPC800"
                              },
                              {
                                "version_value": "V500R002C00SPC900"
                              },
                              {
                                "version_value": "V500R002C00SPCa00"
                              },
                              {
                                "version_value": "RP200 V500R002C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00SPC300"
                              },
                              {
                                "version_value": "TE30 V100R001C10SPC300"
                              },
                              {
                                "version_value": "V100R001C10SPC500"
                              },
                              {
                                "version_value": "V100R001C10SPC600"
                              },
                              {
                                "version_value": "V100R001C10SPC700B010"
                              },
                              {
                                "version_value": "V500R002C00SPC200"
                              },
                              {
                                "version_value": "V500R002C00SPC500"
                              },
                              {
                                "version_value": "V500R002C00SPC600"
                              },
                              {
                                "version_value": "V500R002C00SPC700"
                              },
                              {
                                "version_value": "V500R002C00SPC900"
                              },
                              {
                                "version_value": "V500R002C00SPCb00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00SPC300"
                              },
                              {
                                "version_value": "TE40 V500R002C00SPC600"
                              },
                              {
                                "version_value": "V500R002C00SPC700"
                              },
                              {
                                "version_value": "V500R002C00SPC900"
                              },
                              {
                                "version_value": "V500R002C00SPCb00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00SPC300"
                              },
                              {
                                "version_value": "TE50 V500R002C00SPC600"
                              },
                              {
                                "version_value": "V500R002C00SPC700"
                              },
                              {
                                "version_value": "V500R002C00SPCb00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00SPC300"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V100R001C10B001"
                              },
                              {
                                "version_value": "V100R001C10B002"
                              },
                              {
                                "version_value": "V100R001C10B010"
                              },
                              {
                                "version_value": "V100R001C10B011"
                              },
                              {
                                "version_value": "V100R001C10B012"
                              },
                              {
                                "version_value": "V100R001C10B013"
                              },
                              {
                                "version_value": "V100R001C10B014"
                              },
                              {
                                "version_value": "V100R001C10B016"
                              },
                              {
                                "version_value": "V100R001C10B017"
                              },
                              {
                                "version_value": "V100R001C10B018"
                              },
                              {
                                "version_value": "V100R001C10B019"
                              },
                              {
                                "version_value": "V100R001C10SPC400"
                              },
                              {
                                "version_value": "V100R001C10SPC500"
                              },
                              {
                                "version_value": "V100R001C10SPC600"
                              },
                              {
                                "version_value": "V100R001C10SPC700"
                              },
                              {
                                "version_value": "V100R001C10SPC800B011"
                              },
                              {
                                "version_value": "V100R001C10SPC900"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V500R002C00B010"
                              },
                              {
                                "version_value": "V500R002C00B011"
                              },
                              {
                                "version_value": "V500R002C00SPC100"
                              },
                              {
                                "version_value": "V500R002C00SPC200"
                              },
                              {
                                "version_value": "V500R002C00SPC300"
                              },
                              {
                                "version_value": "V500R002C00SPC600"
                              },
                              {
                                "version_value": "V500R002C00SPC700"
                              },
                              {
                                "version_value": "V500R002C00SPC800"
                              },
                              {
                                "version_value": "V500R002C00SPC900"
                              },
                              {
                                "version_value": "V500R002C00SPCa00"
                              },
                              {
                                "version_value": "V500R002C00SPCb00"
                              },
                              {
                                "version_value": "V500R002C00SPCd00"
                              },
                              {
                                "version_value": "V500R002C00SPCe00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00SPC100"
                              },
                              {
                                "version_value": "V600R006C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00SPC300"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "information disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-cidam-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17303",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.515Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17281 (GCVE-0-2017-17281)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
    VLAI
    Summary
    SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: V600R006C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-02-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:43:59.868Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-02-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17281",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SFTP module in Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. A remote, authenticated attacker could exploit this vulnerability by sending specially crafted messages to a target device. Successful exploit may cause some information leak."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sftp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17281",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:43:59.868Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17220 (GCVE-0-2017-17220)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
    VLAI
    Summary
    SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
    Severity
    No CVSS data available.
    CWE
    • invalid memory access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-02-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:43:59.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "invalid memory access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17220",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "invalid memory access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17220",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:43:59.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17219 (GCVE-0-2017-17219)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:44
    VLAI
    Summary
    SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
    Severity
    No CVSS data available.
    CWE
    • invalid memory access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-02-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:44:00.349Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "invalid memory access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17219",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an invalid memory access vulnerabilities. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "invalid memory access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17219",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:44:00.349Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17218 (GCVE-0-2017-17218)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:44
    VLAI
    Summary
    SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-02-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:44:00.502Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17218",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCPX module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-sccpx-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17218",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:44:00.502Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17217 (GCVE-0-2017-17217)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:44
    VLAI
    Summary
    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds write
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00SPC200
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-01-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:44:00.034Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00SPC200"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-01-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds write",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17217",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds write"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17217",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:44:00.034Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17216 (GCVE-0-2017-17216)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
    VLAI
    Summary
    Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00SPC200
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-01-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:43:59.854Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00SPC200"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-01-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17216",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00SPC200"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180124-01-mgcp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17216",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:43:59.854Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17200 (GCVE-0-2017-17200)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
    VLAI
    Summary
    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-02-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:43:59.891Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17200",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17200",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:43:59.891Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17199 (GCVE-0-2017-17199)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
    VLAI
    Summary
    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-02-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:43:59.855Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-02-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17199",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17199",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:43:59.855Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17150 (GCVE-0-2017-17150)

    Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
    VLAI
    Summary
    Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack.
    Severity
    No CVSS data available.
    CWE
    • DoS
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2017-12-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:43:59.921Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2017-12-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "DoS",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17150",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Timergrp module in Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an DoS vulnerability due to insufficient validation of the parameter. An authenticated local attacker may call a special API with special parameter, which cause an infinite loop. Successful exploit of this vulnerability can allow an attacker to launch DOS attack."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "DoS"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171220-01-vpp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17150",
        "datePublished": "2018-03-09T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:43:59.921Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19414 (GCVE-0-2019-19414)

    Vulnerability from cvelistv5 – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
    VLAI
    Summary
    There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
    Severity
    No CVSS data available.
    CWE
    • Two Integer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 Affected: V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50
    Affected: V100R003C00,V100R004C10
    Affected: V500R002C00
    Affected: V500R002C00SPC200,V600R006C00
    Affected: V100R001C10,V600R006C00
    Affected: V600R006C00
    Affected: V100R001C10,V500R002C00,V600R006C00
    Affected: unspecified
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:16:47.054Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R003C00,V100R004C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC200,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V500R002C00,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Two Integer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-21T22:54:32.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-19414",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R003C00,V100R004C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V500R002C00SPC200,V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V500R002C00,V600R006C00"
                              },
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Two Integer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-19414",
        "datePublished": "2020-01-21T22:54:32.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:16:47.054Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-19413 (GCVE-0-2019-19413)

    Vulnerability from cvelistv5 – Published: 2020-01-21 22:54 – Updated: 2024-08-05 02:16
    VLAI
    Summary
    There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash.
    Severity
    No CVSS data available.
    CWE
    • Two Integer Overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60 Affected: V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800
    Affected: V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50
    Affected: V100R005C00,V100R005C10,V200R001C00,V200R002C50
    Affected: V100R003C00,V100R004C10
    Affected: V500R002C00
    Affected: V500R002C00SPC200,V600R006C00
    Affected: V100R001C10,V600R006C00
    Affected: V600R006C00
    Affected: V100R001C10,V500R002C00,V600R006C00
    Affected: unspecified
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T02:16:47.085Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                },
                {
                  "status": "affected",
                  "version": "V100R003C00,V100R004C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00SPC200,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10,V500R002C00,V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "unspecified"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Two Integer Overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-01-21T22:54:22.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2019-19413",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "CloudEngine 12800;CloudEngine 5800;CloudEngine 6800;CloudEngine 7800;DBS3900 TDD LTE;DP300;RP200;TE30;TE40;TE50;TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "V100R003C10,V100R005C00,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50SPC800"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V100R006C00,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R005C00,V100R005C10,V200R001C00,V200R002C50"
                              },
                              {
                                "version_value": "V100R003C00,V100R004C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V500R002C00SPC200,V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "V100R001C10,V500R002C00,V600R006C00"
                              },
                              {
                                "version_value": ""
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to the target devices. Successful exploit could cause the affected system crash."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Two Integer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en",
                  "refsource": "MISC",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-ldap-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2019-19413",
        "datePublished": "2020-01-21T22:54:22.000Z",
        "dateReserved": "2019-11-29T00:00:00.000Z",
        "dateUpdated": "2024-08-05T02:16:47.085Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17317 (GCVE-0-2017-17317)

    Vulnerability from cvelistv5 – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60 Affected: USG6300 V100R001C10
    Affected: V100R001C20
    Affected: V100R001C30
    Affected: V500R001C00
    Affected: V500R001C20
    Affected: V500R001C30
    Affected: V500R001C50
    Affected: Secospace USG6500 V100R001C10
    Affected: Secospace USG6600 V100R001C00
    Affected: TE30 V100R001C02
    Affected: V100R001C10
    Affected: V500R002C00
    Affected: V600R006C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C01
    Create a notification for this product.
    Date Public
    2018-06-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.748Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "USG6300 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V100R001C20"
                },
                {
                  "status": "affected",
                  "version": "V100R001C30"
                },
                {
                  "status": "affected",
                  "version": "V500R001C00"
                },
                {
                  "status": "affected",
                  "version": "V500R001C20"
                },
                {
                  "status": "affected",
                  "version": "V500R001C30"
                },
                {
                  "status": "affected",
                  "version": "V500R001C50"
                },
                {
                  "status": "affected",
                  "version": "Secospace USG6500 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "Secospace USG6600 V100R001C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C02"
                },
                {
                  "status": "affected",
                  "version": "V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C01"
                }
              ]
            }
          ],
          "datePublic": "2018-06-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-02T12:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17317",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "USG6300 V100R001C10"
                              },
                              {
                                "version_value": "V100R001C20"
                              },
                              {
                                "version_value": "V100R001C30"
                              },
                              {
                                "version_value": "V500R001C00"
                              },
                              {
                                "version_value": "V500R001C20"
                              },
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C50"
                              },
                              {
                                "version_value": "Secospace USG6500 V100R001C10"
                              },
                              {
                                "version_value": "V100R001C20"
                              },
                              {
                                "version_value": "V100R001C30"
                              },
                              {
                                "version_value": "V500R001C00"
                              },
                              {
                                "version_value": "V500R001C20"
                              },
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C50"
                              },
                              {
                                "version_value": "Secospace USG6600 V100R001C00"
                              },
                              {
                                "version_value": "V100R001C20"
                              },
                              {
                                "version_value": "V100R001C30"
                              },
                              {
                                "version_value": "V500R001C00"
                              },
                              {
                                "version_value": "V500R001C20"
                              },
                              {
                                "version_value": "V500R001C30"
                              },
                              {
                                "version_value": "V500R001C50"
                              },
                              {
                                "version_value": "TE30 V100R001C02"
                              },
                              {
                                "version_value": "V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C01"
                              },
                              {
                                "version_value": "V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17317",
        "datePublished": "2018-07-02T13:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.748Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17316 (GCVE-0-2017-17316)

    Vulnerability from cvelistv5 – Published: 2018-07-02 13:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • out-of-bounds read
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V500R002C00
    Affected: V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-06-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:31.142Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-06-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "out-of-bounds read",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-02T12:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17316",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "out-of-bounds read"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en",
                  "refsource": "CONFIRM",
                  "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17316",
        "datePublished": "2018-07-02T13:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:31.142Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17315 (GCVE-0-2017-17315)

    Vulnerability from cvelistv5 – Published: 2018-05-24 14:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • numeric errors
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300; RP200; TE30; TE40; TE50; TE60 Affected: DP300 V500R002C00
    Affected: RP200 V600R006C00
    Affected: TE30 V100R001C10
    Affected: V500R002C00
    Affected: V600R006C00
    Affected: TE40 V500R002C00
    Affected: TE50 V500R002C00
    Affected: TE60 V100R001C10
    Create a notification for this product.
    Date Public
    2018-05-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.557Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300; RP200; TE30; TE40; TE50; TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "RP200 V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE30 V100R001C10"
                },
                {
                  "status": "affected",
                  "version": "V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "V600R006C00"
                },
                {
                  "status": "affected",
                  "version": "TE40 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE50 V500R002C00"
                },
                {
                  "status": "affected",
                  "version": "TE60 V100R001C10"
                }
              ]
            }
          ],
          "datePublic": "2018-05-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "numeric errors",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-05-24T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17315",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300; RP200; TE30; TE40; TE50; TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00"
                              },
                              {
                                "version_value": "RP200 V600R006C00"
                              },
                              {
                                "version_value": "TE30 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE40 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE50 V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              },
                              {
                                "version_value": "TE60 V100R001C10"
                              },
                              {
                                "version_value": "V500R002C00"
                              },
                              {
                                "version_value": "V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specially crafted SCCP messages to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "numeric errors"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180502-01-sccp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17315",
        "datePublished": "2018-05-24T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.557Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17314 (GCVE-0-2017-17314)

    Vulnerability from cvelistv5 – Published: 2018-04-30 14:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal.
    Severity
    No CVSS data available.
    CWE
    • invalid memory access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-04-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.553Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-04-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "invalid memory access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-30T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17314",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an invalid memory access vulnerability. An unauthenticated attacker has to find a way to send malformed SCCP messages to the affected products. Due to insufficient input validation of some values in the messages, successful exploit may cause buffer error and some service abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "invalid memory access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180425-02-buffer-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17314",
        "datePublished": "2018-04-30T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.553Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17310 (GCVE-0-2017-17310)

    Vulnerability from cvelistv5 – Published: 2018-04-19 14:00 – Updated: 2024-09-16 23:41
    VLAI
    Summary
    Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • buffer error
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-04-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.703Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-04-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer error",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-19T13:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "DATE_PUBLIC": "2018-04-18T00:00:00",
              "ID": "CVE-2017-17310",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer error"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17310",
        "datePublished": "2018-04-19T14:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:41:48.428Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17308 (GCVE-0-2017-17308)

    Vulnerability from cvelistv5 – Published: 2018-04-11 17:00 – Updated: 2024-08-05 20:51
    VLAI
    Summary
    SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal.
    Severity
    No CVSS data available.
    CWE
    • invalid memory access
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-04-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:51:30.591Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-04-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "invalid memory access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-11T16:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17308",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability. An unauthenticated, remote attacker may send specially crafted packets to the affected products. Due to insufficient validation of packets, successful exploit may cause some services abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "invalid memory access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180411-01-sccpx-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17308",
        "datePublished": "2018-04-11T17:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:51:30.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-17282 (GCVE-0-2017-17282)

    Vulnerability from cvelistv5 – Published: 2018-03-09 21:00 – Updated: 2024-08-05 20:44
    VLAI
    Summary
    SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal.
    Severity
    No CVSS data available.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300, RP200, TE30, TE40, TE50, TE60 Affected: DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2018-02-28 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:44:00.050Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300, RP200, TE30, TE40, TE50, TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2018-02-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T20:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-17282",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300, RP200, TE30, TE40, TE50, TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SCCP (Signalling Connection Control Part) module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has a buffer overflow vulnerability. An attacker has to find a way to send malformed packets to the affected products repeatedly. Due to insufficient input validation, successful exploit may cause some service abnormal."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180228-01-sccp-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-17282",
        "datePublished": "2018-03-09T21:00:00.000Z",
        "dateReserved": "2017-12-04T00:00:00.000Z",
        "dateUpdated": "2024-08-05T20:44:00.050Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-15314 (GCVE-0-2017-15314)

    Vulnerability from cvelistv5 – Published: 2018-03-09 21:00 – Updated: 2024-08-05 19:50
    VLAI
    Summary
    Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
    Severity
    No CVSS data available.
    CWE
    • Memory Leak
    Assigner
    References
    Impacted products
    Vendor Product Version
    Huawei Technologies Co., Ltd. DP300,RP200,TE30,TE40,TE50,TE60 Affected: DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00
    Create a notification for this product.
    Date Public
    2017-11-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:50:16.500Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "DP300,RP200,TE30,TE40,TE50,TE60",
              "vendor": "Huawei Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                }
              ]
            }
          ],
          "datePublic": "2017-11-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Memory Leak",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-03-09T20:57:01.000Z",
            "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
            "shortName": "huawei"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@huawei.com",
              "ID": "CVE-2017-15314",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "DP300,RP200,TE30,TE40,TE50,TE60",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Huawei Technologies Co., Ltd."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don\u0027t be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Memory Leak"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en",
                  "refsource": "CONFIRM",
                  "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "assignerShortName": "huawei",
        "cveId": "CVE-2017-15314",
        "datePublished": "2018-03-09T21:00:00.000Z",
        "dateReserved": "2017-10-14T00:00:00.000Z",
        "dateUpdated": "2024-08-05T19:50:16.500Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }