PT-2017-14006 · Huawei · Nip6800+26
Published
2017-12-01
·
Updated
2018-02-27
·
CVE-2017-15334
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
Huawei DP300 versions V500R002C00
Huawei IPS Module versions V100R001C10 through V100R001C30, V500R001C00 through V500R001C50
Huawei NGFW Module versions V100R001C10 through V100R001C30, V500R001C00 through V500R002C10
Huawei NIP6300 versions V500R001C00 through V500R001C50
Huawei NIP6600 versions V500R001C00 through V500R001C50
Huawei NIP6800 version V500R001C50
Huawei RP200 versions V500R002C00, V600R006C00
Huawei SVN5600 versions V200R003C00, V200R003C10
Huawei SVN5800 versions V200R003C00, V200R003C10
Huawei SVN5800-C versions V200R003C00, V200R003C10
Huawei SeMG9811 version V300R001C01
Huawei Secospace USG6300 versions V100R001C10 through V100R001C30, V500R001C00 through V500R001C50
Huawei Secospace USG6500 versions V100R001C10 through V100R001C30, V500R001C00 through V500R001C50
Huawei Secospace USG6600 versions V100R001C00 through V100R001C30, V500R001C00 through V500R001C50
Huawei TE30 versions V100R001C02, V100R001C10, V500R002C00, V600R006C00
Huawei TE40 versions V500R002C00, V600R006C00
Huawei TE50 versions V500R002C00, V600R006C00
Huawei TE60 versions V100R001C01, V100R001C10, V500R002C00, V600R006C00
Huawei USG9500 versions V500R001C00 through V500R001C30
Huawei USG9520 versions V300R001C01, V300R001C20
Huawei USG9560 versions V300R001C01, V300R001C20
Huawei USG9580 versions V300R001C01, V300R001C20
Huawei VP9660 versions V200R001C02, V200R001C30, V500R002C00, V500R002C10
Huawei ViewPoint 8660 version V100R008C03
Huawei ViewPoint 9030 versions V100R011C02, V100R011C03
Huawei eSpace U1981 versions V100R001C20, V200R003C00 through V200R003C30
Description
The SIP backup feature in various Huawei products has a buffer overflow vulnerability due to insufficient validation of some values for SIP messages. An attacker may send specially crafted messages to the affected products, which could cause services to become abnormal.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dp300
Huawei Vrp
Ips Module
Ngfw Module
Nip6300
Nip6600
Nip6800
Rp200
Svn5600
Svn5800
Svn5800-C
Semg9811
Secospace Usg6300
Secospace Usg6500
Secospace Usg6600
Te30
Te40
Te50
Te60
Usg9500
Usg9520
Usg9560
Usg9580
Vp9660
Viewpoint 8660
Viewpoint 9030
Espace U1981