CVE-2017-15353
Summary
| CVE | CVE-2017-15353 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-02-15 16:29:00 UTC |
| Updated | 2018-02-22 17:00:00 UTC |
| Description | Huawei DP300, V500R002C00, RP200, V500R002C00, V600R006C00, RSE6500, V500R002C00, TE30, V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40, V500R002C00, V600R006C00, TE50, V500R002C00, V600R006C00, TE60, V100R001C01, V100R001C10, V500R002C00, V600R006C00, TX50, V500R002C00, V600R006C00, VP9660, V500R002C00, V500R002C10, ViewPoint 8660, V100R008C03, ViewPoint 9030, V100R011C02, V100R011C03, Viewpoint 8660, V100R008C03 have an out-of-bounds read vulnerability. An attacker has to control the peer device and send specially crafted messages to the affected products. Due to insufficient input validation, successful exploit may cause some service abnormal. |
Risk And Classification
Problem Types: CWE-125
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Dp300 | - | All | All | All |
| Hardware | Huawei | Dp300 | - | All | All | All |
| Operating System | Huawei | Dp300 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Dp300 Firmware | v500r002c00 | All | All | All |
| Hardware | Huawei | Rp200 | - | All | All | All |
| Hardware | Huawei | Rp200 | - | All | All | All |
| Operating System | Huawei | Rp200 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Rp200 Firmware | v600r006c00 | All | All | All |
| Operating System | Huawei | Rp200 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Rp200 Firmware | v600r006c00 | All | All | All |
| Hardware | Huawei | Rse6500 | - | All | All | All |
| Hardware | Huawei | Rse6500 | - | All | All | All |
| Operating System | Huawei | Rse6500 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Rse6500 Firmware | v500r002c00 | All | All | All |
| Hardware | Huawei | Te30 | - | All | All | All |
| Hardware | Huawei | Te30 | - | All | All | All |
| Operating System | Huawei | Te30 Firmware | v100r001c02 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v100r001c10 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v600r006c00 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v100r001c02 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v100r001c10 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te30 Firmware | v600r006c00 | All | All | All |
| Hardware | Huawei | Te40 | - | All | All | All |
| Hardware | Huawei | Te40 | - | All | All | All |
| Operating System | Huawei | Te40 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te40 Firmware | v600r006c00 | All | All | All |
| Operating System | Huawei | Te40 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te40 Firmware | v600r006c00 | All | All | All |
| Hardware | Huawei | Te50 | - | All | All | All |
| Hardware | Huawei | Te50 | - | All | All | All |
| Operating System | Huawei | Te50 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te50 Firmware | v600r006c00 | All | All | All |
| Operating System | Huawei | Te50 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te50 Firmware | v600r006c00 | All | All | All |
| Hardware | Huawei | Te60 | - | All | All | All |
| Hardware | Huawei | Te60 | - | All | All | All |
| Operating System | Huawei | Te60 Firmware | v100r001c01 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v100r001c10 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v600r006c00 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v100r001c01 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v100r001c10 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Te60 Firmware | v600r006c00 | All | All | All |
| Hardware | Huawei | Tx50 | - | All | All | All |
| Hardware | Huawei | Tx50 | - | All | All | All |
| Operating System | Huawei | Tx50 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Tx50 Firmware | v600r006c00 | All | All | All |
| Operating System | Huawei | Tx50 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Tx50 Firmware | v600r006c00 | All | All | All |
| Hardware | Huawei | Viewpoint 8660 | - | All | All | All |
| Hardware | Huawei | Viewpoint 8660 | - | All | All | All |
| Operating System | Huawei | Viewpoint 8660 Firmware | v100r008c03 | All | All | All |
| Operating System | Huawei | Viewpoint 8660 Firmware | v100r008c03 | All | All | All |
| Hardware | Huawei | Viewpoint 9030 | - | All | All | All |
| Hardware | Huawei | Viewpoint 9030 | - | All | All | All |
| Operating System | Huawei | Viewpoint 9030 Firmware | v100r011c02 | All | All | All |
| Operating System | Huawei | Viewpoint 9030 Firmware | v100r011c03 | All | All | All |
| Operating System | Huawei | Viewpoint 9030 Firmware | v100r011c02 | All | All | All |
| Operating System | Huawei | Viewpoint 9030 Firmware | v100r011c03 | All | All | All |
| Hardware | Huawei | Vp9660 | - | All | All | All |
| Hardware | Huawei | Vp9660 | - | All | All | All |
| Operating System | Huawei | Vp9660 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Vp9660 Firmware | v500r002c10 | All | All | All |
| Operating System | Huawei | Vp9660 Firmware | v500r002c00 | All | All | All |
| Operating System | Huawei | Vp9660 Firmware | v500r002c10 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Out-of-bounds Read Vulnerability in Some Huawei Products | CONFIRM | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.