CVE-2017-17295

Name of the Vulnerable Software and Affected Versions Huawei AR120-S versions V200R006C10 through V200R008C30 Huawei AR1200 versions V200R006C10 through V200R008C30 Huawei AR1200-S versions V200R006C10 through V200R008C30 Huawei AR150 versions V200R006C10 through V200R008C30 Huawei AR150-S versions V200R006C10 through V200R008C30 Huawei AR160 versions V200R006C10 through V200R008C30 Huawei AR200 versions V200R006C10 through V200R008C30 Huawei AR200-S versions V200R006C10 through V200R008C30 Huawei AR2200 versions V200R006C10 through V200R008C30 Huawei AR2200-S versions V200R006C10 through V200R008C30 Huawei AR3200 versions V200R006C10 through V200R008C30 Huawei AR3600 versions V200R006C10 through V200R008C20 Huawei AR510 versions V200R006C10 through V200R008C30 Huawei DP300 version V500R002C00 Huawei IPS Module versions V100R001C10 through V500R001C50 Huawei NGFW Module versions V100R001C10 through V500R002C10 Huawei NIP6300 versions V500R001C00 through V500R001C50 Huawei NIP6600 versions V500R001C00 through V500R001C50 Huawei NIP6800 version V500R001C50 Huawei NetEngine16EX versions V200R006C10 through V200R008C30 Huawei RP200 versions V500R002C00 through V600R006C00 Huawei RSE6500 version V500R002C00 Huawei SRG1300 versions V200R006C10 through V200R008C30 Huawei SRG2300 versions V200R006C10 through V200R008C30 Huawei SRG3300 versions V200R006C10 through V200R008C30 Huawei SVN5600 versions V200R003C00 through V200R003C10 Huawei SVN5800 versions V200R003C10 through V200R003C10 Huawei SVN5800-C versions V200R003C00 through V200R003C10 Huawei SeMG9811 version V300R001C01 Huawei Secospace USG6300 versions V100R001C10 through V500R001C50 Huawei Secospace USG6500 versions V100R001C10 through V500R001C50 Huawei Secospace USG6600 versions V100R001C00 through V500R001C50 Huawei TE30 versions V100R001C02 through V600R006C00 Huawei TE40 version V500R002C00 through V600R006C00 Huawei TE50 version V500R002C00 through V600R006C00 Huawei TE60 versions V100R001C01 through V600R006C00 Huawei TP3106 version V100R002C00 Huawei TP3206 versions V100R002C00 through V100R002C10 Huawei USG9500 versions V500R001C00 through V500R001C50 Huawei USG9520 versions V300R001C01 through V300R001C20 Huawei USG9560 versions V300R001C01 through V300R001C20 Huawei USG9580 versions V300R001C01 through V300R001C20 Huawei ViewPoint 9030 versions V100R011C02 through V100R011C03 Huawei eSpace U1981 versions V200R003C20SPC900 through V200R003C30SPC200

Description The issue is caused by insufficient validation of some values for SIP packages, which can be exploited by an unauthenticated, remote attacker sending specially crafted SIP packages to the affected products. Successful exploitation may cause services to become abnormal.

Recommendations For Huawei AR120-S versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR1200 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR1200-S versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR150 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR150-S versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR160 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR200 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR200-S versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR2200 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR2200-S versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR3200 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei AR3600 versions V200R006C10 through V200R008C20, update to a fixed version. For Huawei AR510 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei DP300 version V500R002C00, update to a fixed version. For Huawei IPS Module versions V100R001C10 through V500R001C50, update to a fixed version. For Huawei NGFW Module versions V100R001C10 through V500R002C10, update to a fixed version. For Huawei NIP6300 versions V500R001C00 through V500R001C50, update to a fixed version. For Huawei NIP6600 versions V500R001C00 through V500R001C50, update to a fixed version. For Huawei NIP6800 version V500R001C50, update to a fixed version. For Huawei NetEngine16EX versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei RP200 versions V500R002C00 through V600R006C00, update to a fixed version. For Huawei RSE6500 version V500R002C00, update to a fixed version. For Huawei SRG1300 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei SRG2300 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei SRG3300 versions V200R006C10 through V200R008C30, update to a fixed version. For Huawei SVN5600 versions V200R003C00 through V200R003C10, update to a fixed version. For Huawei SVN5800 versions V200R003C10 through V200R003C10, update to a fixed version. For Huawei SVN5800-C versions V200R003C00 through V200R003C10, update to a fixed version. For Huawei SeMG9811 version V300R001C01, update to a fixed version. For Huawei Secospace USG6300 versions V100R001C10 through V500R001C50, update to a fixed version. For Huawei Secospace USG6500 versions V100R001C10 through V500R001C50, update to a fixed version. For Huawei Secospace USG6600 versions V100R001C00 through V500R001C50, update to a fixed version. For Huawei TE30 versions V100R001C02 through V600R006C00, update to a fixed version. For Huawei TE40 version V500R002C00 through V600R006C00, update to a fixed version. For Huawei TE50 version V500R002C00 through V600R006C00, update to a fixed version. For Huawei TE60 versions V100R001C01 through V600R006C00, update to a fixed version. For Huawei TP3106 version V100R002C00, update to a fixed version. For Huawei TP3206 versions V100R002C00 through V100R002C10, update to a fixed version. For Huawei USG9500 versions V500R001C00 through V500R001C50, update to a fixed version. For Huawei USG9520 versions V300R001C01 through V300R001C20, update to a fixed version. For Huawei USG9560 versions V300R001C01 through V300R001C20, update to a fixed version. For Huawei USG9580 versions V300R001C01 through V300R001C20, update to a fixed version. For Huawei ViewPoint 9030 versions V100R011C02 through V100R011C03, update to a fixed version. For Huawei eSpace U1981 versions V200R003C20SPC900 through V200R003C30SPC200, update to a fixed version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.