PT-2017-14730 · Huawei · Huawei Te40+24

Publicado

2017-12-06

Atualizado

2018-02-22

CVE-2017-17151

CVSS v3.1

5.9

Média

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 (affected versions not specified)

Description The issue is related to insufficient validation in packet processing. An unauthenticated attacker can send special H323 packets to exploit this issue. Successful exploitation could allow the attacker to send malicious packets, resulting in Denial of Service (DOS) attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2017-17151

Produtos afetados

Huawei Ar100

Huawei Ar110-S

Huawei Ar120-S

Huawei Ar1200

Huawei Ar150

Huawei Ar160

Huawei Ar200

Huawei Ar2200

Huawei Ar3200

Huawei Ar510

Huawei Dp300

Huawei Netengine16Ex

Huawei Rp200

Huawei Srg1300

Huawei Srg2300

Huawei Srg3300

Huawei Te30

Huawei Te40

Huawei Te50

Huawei Te60

Huawei Tp3106

Huawei Tp3206

Huawei Vrp

Huawei Viewpoint 8660

Huawei Viewpoint 9030

PT-2017-14730 · Huawei · Huawei Te40+24

CVE-2017-17151

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3