PT-2017-14739 · Huawei · Huawei Usg9500+2
Publicado
2017-12-13
·
Atualizado
2019-10-03
·
CVE-2017-17162
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei Secospace USG6600 versions V500R001C30SPC100 through V500R001C30SPC300
Huawei USG9500 versions V500R001C30SPC100 through V500R001C30SPC300
Description
The issue is caused by a memory leak that occurs when a local authenticated attacker executes special commands multiple times, resulting in memory not being released. This can lead to system exceptions.
Recommendations
For Huawei Secospace USG6600 versions V500R001C30SPC100 through V500R001C30SPC300, consider restricting access to special commands to minimize the risk of exploitation.
For Huawei USG9500 versions V500R001C30SPC100 through V500R001C30SPC300, consider restricting access to special commands to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Missing Release of Resource after Effective Lifetime
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Secospace Usg6600
Huawei Usg9500
Huawei Vrp