CVE-2017-15323

Published Mar 9, 2018

Last updated 7 years ago

CVSS medium 5.5

Overview

Description: Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).
Source: psirt@huawei.com
NVD status: Analyzed

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.9
Impact score: 6.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-400

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDC040A6-3E38-4B21-9779-67CF66FDC6B3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3983A57-2F07-4D21-9093-1DFEAB310E26"
          },
          {
            "criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F6EACB9-6832-4B2A-9C5B-C1E2747D6359"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v100r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D13F79BF-2919-45A3-9AB0-9D501DDA94B5"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:tp3106_firmware:v100r001c06:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5AFC9C8-548B-4A63-BE1D-98685E353434"
          },
          {
            "criteria": "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "492DABB3-66CF-47E9-92D4-518154559A7C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:vp9660_firmware:v200r001c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72ABAEF6-DC14-4C11-A570-44C23705933A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:vp9660_firmware:v200r001c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BEF9499-2D42-49A2-BBC8-54472DEEB95A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:vp9660_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A68709FF-9E1C-4174-A925-70A88D4376A3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:vp9660_firmware:v500r002c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A58ED692-8BED-4877-9BC9-D41386B660C1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D1DC498B-F19F-403A-ACFE-F8364A78EC66"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:viewpoint_8660_firmware:v100r008c03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "573BD5BC-48CE-4752-834D-6F6368780FB2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:viewpoint_8660:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DE8FC7FB-FABD-4BC2-A0F5-3149F958EEAC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ADEC8B2-CD7F-4246-88C0-E27B939829AB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F6208C34-D92D-4605-B4AF-6EA597CBA0F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30C6245A-D192-4D02-BB4E-285ABD2BB328"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ecns210_td:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "47FCDC81-B742-4D42-BD52-52BBDDDD4BE5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC865317-D874-469D-AE84-7700B0F1485C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C7BD4D80-D901-4082-B74D-A1D0CC24CA9F"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References