CVE-2017-15314

{"id": "CVE-2017-15314", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2018-03-09T21:29:00.470", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-xml-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-772"}]}], "descriptions": [{"lang": "en", "value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions."}, {"lang": "es", "value": "Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00 y V600R006C00 tienen una vulnerabilidad de fuga de memoria debido a que la memoria no se libera cuando el analizador XML fracasa a la hora de procesar algunos nodos. Un atacante podr\u00eda aprovecharse de esto para provocar una fuga de memoria, lo que podr\u00eda conducir a excepciones del sistema."}], "lastModified": "2019-10-03T00:03:26.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BC535D5-0C05-4695-976F-ACF447431A6F"}, {"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEBEE4A4-0D51-4845-83DD-EE326F227150"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B125233A-3A7D-41E9-826C-BC7A5DA8A93E"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E656A39-4954-442B-83C2-587B78702C0D"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9291F7F-E159-475A-8DC8-B8EFFF42170F"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EEB3DB2-810A-4FB2-BE52-9694824F90F7"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc500:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EA29F7B-86A4-4D58-B868-33CB70337A23"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "509AFB31-BF50-4AAA-AD42-309C86C0A9D4"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E11E0F5-C34B-4745-B6F0-8DF3522FA15B"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc900:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "999D02AA-1B42-4B4E-BB7B-0B063DE5F2B5"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spcb00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50E5A0D4-E459-4230-94DB-E94946425071"}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA3C8433-FEA5-4784-8C0A-174C677AD50F"}, {"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00F48D7B-BAAB-46F8-A428-5EC68EC34EA8"}, {"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc900:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6D177F9-8A65-4E1F-9576-D03171336510"}, {"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spcb00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38671934-B566-4A73-9C97-C0236D4EEAFE"}, {"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "382868EB-07B6-448B-AF15-8C66046C9422"}, {"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spc700:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F75CBAE-59AC-4290-989E-8897B7FFE389"}, {"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spcb00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A71366A4-11F7-42F6-A1C7-A3D3E38E0ACE"}, {"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4"}, {"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7"}, {"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}