CVE-2017-17315

Name of the Vulnerable Software and Affected Versions: Huawei DP300 version V500R002C00 Huawei RP200 version V600R006C00 Huawei TE30 versions V100R001C10 through V100R001C10 Huawei TE40 versions V500R002C00 through V600R006C00 Huawei TE50 versions V500R002C00 through V600R006C00 Huawei TE60 versions V100R001C10 through V600R006C00

Description: The issue is related to numeric errors that can occur when handling specially crafted SCCP messages. An unauthenticated, remote attacker may exploit this by sending such messages to the affected products, causing some services to become abnormal due to improper validation of the messages.

Recommendations: For Huawei DP300 version V500R002C00, update to a version that fixes the numeric errors vulnerability. For Huawei RP200 version V600R006C00, update to a version that fixes the numeric errors vulnerability. For Huawei TE30 version V100R001C10, update to a version that fixes the numeric errors vulnerability. For Huawei TE40 versions V500R002C00 through V600R006C00, update to a version that fixes the numeric errors vulnerability. For Huawei TE50 versions V500R002C00 through V600R006C00, update to a version that fixes the numeric errors vulnerability. For Huawei TE60 versions V100R001C10 through V600R006C00, update to a version that fixes the numeric errors vulnerability. As a temporary workaround, consider restricting access to the SCCP messages handling functionality until a patch is available.