CVE-2017-15324

{"id": "CVE-2017-15324", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": true, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-12-22T17:29:13.470", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-nqa-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Huawei S5700 and S6700 with software of V200R005C00 have a DoS vulnerability due to insufficient validation of the Network Quality Analysis (NQA) packets. A remote attacker could exploit this vulnerability by sending malformed NQA packets to the target device. Successful exploitation could make the device restart."}, {"lang": "es", "value": "Huawei S5700 y S6700 con software V200R005C00 tienen una vulnerabilidad de DoS debido a una validaci\u00f3n insuficiente de los paquetes Network Quality Analysis (NQA). Un atacante remoto podr\u00eda explotar esta vulnerabilidad enviando paquetes NQA mal formados al dispositivo objetivo. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar el reinicio del dispositivo."}], "lastModified": "2024-11-21T03:14:27.940", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}