CVE-2017-2712

Name of the Vulnerable Software and Affected Versions Huawei S3300 versions V100R006C05 Huawei VRP-based products (affected versions not specified)

Description The issue is related to an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping.

Recommendations For Huawei S3300 version V100R006C05, consider restricting access to the EFM module to minimize the risk of exploitation. For Huawei VRP-based products, at the moment, there is no information about a newer version that contains a fix for this vulnerability.