CVE-2017-15314

Published Mar 9, 2018

Last updated 5 years ago

CVSS medium 5.5

Overview

Description: Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-772

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BC535D5-0C05-4695-976F-ACF447431A6F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEBEE4A4-0D51-4845-83DD-EE326F227150"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B125233A-3A7D-41E9-826C-BC7A5DA8A93E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E656A39-4954-442B-83C2-587B78702C0D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10spc700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9291F7F-E159-475A-8DC8-B8EFFF42170F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EEB3DB2-810A-4FB2-BE52-9694824F90F7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc500:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EA29F7B-86A4-4D58-B868-33CB70337A23"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "509AFB31-BF50-4AAA-AD42-309C86C0A9D4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E11E0F5-C34B-4745-B6F0-8DF3522FA15B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spc900:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "999D02AA-1B42-4B4E-BB7B-0B063DE5F2B5"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50E5A0D4-E459-4230-94DB-E94946425071"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA3C8433-FEA5-4784-8C0A-174C677AD50F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00F48D7B-BAAB-46F8-A428-5EC68EC34EA8"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spc900:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F6D177F9-8A65-4E1F-9576-D03171336510"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38671934-B566-4A73-9C97-C0236D4EEAFE"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "382868EB-07B6-448B-AF15-8C66046C9422"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spc700:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F75CBAE-59AC-4290-989E-8897B7FFE389"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00spcb00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A71366A4-11F7-42F6-A1C7-A3D3E38E0ACE"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References