CVE-2017-15346

Name of the Vulnerable Software and Affected Versions Huawei S12700 versions V200R005C00 Huawei S1700 versions V200R009C00, V200R010C00 Huawei S3700 versions V100R006C03, V100R006C05 Huawei S5700 versions V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00 Huawei S6700 versions V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00 Huawei S7700 versions V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00 Huawei S9700 versions V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00 Huawei eCNS210 TD versions V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400

Description The XML parser in the affected products has a Denial of Service (DOS) issue. An attacker can craft specific XML files to exploit this issue, resulting in a DOS attack due to the product's failure to properly check and parse the specially crafted XML file.

Recommendations For Huawei S12700 version V200R005C00, update to a version that includes the fix for this issue. For Huawei S1700 versions V200R009C00, V200R010C00, update to a version that includes the fix for this issue. For Huawei S3700 versions V100R006C03, V100R006C05, update to a version that includes the fix for this issue. For Huawei S5700 versions V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, update to a version that includes the fix for this issue. For Huawei S6700 versions V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00, update to a version that includes the fix for this issue. For Huawei S7700 versions V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, update to a version that includes the fix for this issue. For Huawei S9700 versions V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00, update to a version that includes the fix for this issue. For Huawei eCNS210 TD versions V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400, update to a version that includes the fix for this issue.