PT-2018-5796 · Huawei · Huawei Te60+3

Published: 2018-02-15 · Updated: 2018-02-22 · CVE-2017-15342

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions:
Huawei DP300 version V500R002C00
Huawei TE60 version V600R006C00
Huawei TP3106 version V100R002C00
Huawei eSpace U1981 version V200R003C30SPC100

Description: The issue is related to a denial of service condition. It occurs because the software incorrectly calculates the remaining size in a buffer when handling SSL connections. A remote unauthenticated attacker could exploit this by sending a large number of crafted SSL messages to the device. Successful exploitation could lead to a denial of service due to insufficient space in the buffer.

Recommendations:
For Huawei DP300 version V500R002C00, update the software to a version that correctly handles SSL connections to prevent denial of service.
For Huawei TE60 version V600R006C00, apply a patch that fixes the buffer size calculation issue to mitigate the risk.
For Huawei TP3106 version V100R002C00, restrict access to SSL connections until a software update is available that addresses the buffer size miscalculation.
For Huawei eSpace U1981 version V200R003C30SPC100, consider disabling SSL connections temporarily as a workaround until a fixed version of the software is released.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2017-15342

Affected Products

Huawei DP300
Huawei TE60
Huawei TP3106
Huawei eSpace U1981