CVE-2017-15342

Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace U1981 V200R003C30SPC100 have a denial of service vulnerability. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in the buffer and then denial of service.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30spc100:*:*:*:*:*:*:*
cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:14

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ssl-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ssl-en - Vendor Advisory

Information

Published : 2018-02-15 16:29

Updated : 2024-11-21 03:14


NVD link : CVE-2017-15342

Mitre link : CVE-2017-15342

CVE.ORG link : CVE-2017-15342


JSON object : View

Products Affected

huawei

  • dp300
  • espace_u1981
  • tp3106_firmware
  • te60
  • dp300_firmware
  • espace_u1981_firmware
  • tp3106
  • te60_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer