CVE-2017-15341

Name of the Vulnerable Software and Affected Versions Huawei AR3200 versions V200R008C20 through V200R008C30 Huawei TE40 version V600R006C00 Huawei TE50 version V600R006C00 Huawei TE60 version V600R006C00

Description The issue is related to the improper decoding of X.509 certificates by the software. A remote unauthenticated attacker could exploit this by sending a crafted X.509 certificate to the device, potentially resulting in a denial of service on the device.

Recommendations For Huawei AR3200 versions V200R008C20 through V200R008C30, consider restricting access to the certificate decoding function until a patch is available. For Huawei TE40 version V600R006C00, avoid using the X.509 certificate decoding feature until the issue is resolved. For Huawei TE50 version V600R006C00, temporarily disable the X.509 certificate decoding functionality to minimize the risk of exploitation. For Huawei TE60 version V600R006C00, restrict the use of the X.509 certificate decoding module to prevent potential denial of service attacks.