PT-2017-14730 · Huawei · Huawei Te40+24
Published
2017-12-06
·
Updated
2018-02-22
·
CVE-2017-17151
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 (affected versions not specified)
Description
The issue is related to insufficient validation in packet processing. An unauthenticated attacker can send special H323 packets to exploit this issue. Successful exploitation could allow the attacker to send malicious packets, resulting in Denial of Service (DOS) attacks.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Ar100
Huawei Ar110-S
Huawei Ar120-S
Huawei Ar1200
Huawei Ar150
Huawei Ar160
Huawei Ar200
Huawei Ar2200
Huawei Ar3200
Huawei Ar510
Huawei Dp300
Huawei Netengine16Ex
Huawei Rp200
Huawei Srg1300
Huawei Srg2300
Huawei Srg3300
Huawei Te30
Huawei Te40
Huawei Te50
Huawei Te60
Huawei Tp3106
Huawei Tp3206
Huawei Vrp
Huawei Viewpoint 8660
Huawei Viewpoint 9030