CVE-2017-15353

Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
OR cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
OR cpe:2.3:o:huawei:tx50_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:tx50_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:tx50:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*
cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
OR cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*
cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
OR cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*
cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*
cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:14

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171115-01-h323-en - Vendor Advisory

Information

Published : 2018-02-15 16:29

Updated : 2024-11-21 03:14


NVD link : CVE-2017-15353

Mitre link : CVE-2017-15353

CVE.ORG link : CVE-2017-15353


JSON object : View

Products Affected

huawei

  • te40
  • viewpoint_8660_firmware
  • te30
  • dp300_firmware
  • te30_firmware
  • te50
  • te50_firmware
  • viewpoint_9030
  • viewpoint_8660
  • viewpoint_9030_firmware
  • tx50
  • te40_firmware
  • dp300
  • rse6500
  • vp9660_firmware
  • rp200_firmware
  • te60
  • tx50_firmware
  • rse6500_firmware
  • rp200
  • te60_firmware
  • vp9660
CWE
CWE-125

Out-of-bounds Read