CVE-2017-15346

Published Feb 15, 2018
Last updated 7 years ago
CVSS medium 4.7
Overview

Description: XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,eCNS210_TD V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400 has a DOS vulnerability. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file, successful exploit will result in DOS attacks.
Source: psirt@huawei.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 4.7
Impact score: 3.6
Exploitability score: 1
Vector string: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses

nvd@nist.gov: CWE-20
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D81469B-EC6C-493D-B632-4DF821A1F304"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "336AA440-AEF4-482B-A037-8976DC38BA1A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B2DE9FE-5EC9-462E-86F0-EE772C944DFC"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4907FBB8-5157-460D-9240-DD7D610C0FCC"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2898D6C5-77AB-4C1F-8134-B2DBD13EDB81"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B7B7285-F4C6-415C-A948-D7612750A77D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D6DC0AF-017E-41BC-A19D-F9AA055F5224"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "749B68B9-9F62-4E7A-AC86-F4073BA32E18"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B7B7285-F4C6-415C-A948-D7612750A77D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D6DC0AF-017E-41BC-A19D-F9AA055F5224"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "749B68B9-9F62-4E7A-AC86-F4073BA32E18"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F49D3EAD-1EB3-4C62-80BA-4C9C3CE0408C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D75B012-A57D-4C6D-AB26-51D2ECC02F35"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1DFF0C0-AA17-4AA1-A418-4759D1A58852"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D84F05D5-BA7D-485B-91C2-273349335CFB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB2A3C92-C5C6-4BE6-A9F6-21C28D68C080"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B1F0B3D-1923-42C3-A3DB-03D11BE059D9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FB6ED15-477B-4BB5-AA94-0D7897FBD962"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06AD9ACA-E0C3-4096-BE50-94E717CDA318"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "325D6523-A07A-48D4-AD44-CF838BD77432"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01A0EC8F-6A8A-487F-A92A-789E3789788F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30C6245A-D192-4D02-BB4E-285ABD2BB328"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc003:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26692835-0934-46B9-99F3-16C6C445716C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc100:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A16ED12F-F226-4D51-ACF3-7F0B17E3ECF1"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc101:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22E94D2A-8B69-498F-9326-4973F81BA53B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc102:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3B4EC75E-9FE1-4E3E-A884-D05EA6BC6DE4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc200:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A07D70E-8237-4D0C-BE2A-ABEE76BB78A5"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc221:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06A6D1CC-5E68-41DD-B983-44B5070FD71A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ecns210_td_firmware:v100r004c10spc400:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC368972-3057-4E2C-BC6A-234AC7A700B2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ecns210_td:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "47FCDC81-B742-4D42-BD52-52BBDDDD4BE5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
