PT-2018-6465 · Huawei · Te50+5
Published
2018-03-09
·
Updated
2018-03-29
·
CVE-2017-17281
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Huawei DP300 versions V500R002C00
Huawei RP200 version V600R006C00
Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00
Huawei TE40 versions V500R002C00, V600R006C00
Huawei TE50 versions V500R002C00, V600R006C00
Huawei TE60 versions V100R001C10, V500R002C00, V600R006C00
Description:
The SFTP module has an out-of-bounds read issue. A remote, authenticated attacker could exploit this by sending specially crafted messages to a target device, potentially causing information leak.
Recommendations:
For Huawei DP300 version V500R002C00, update to a fixed version to resolve the issue.
For Huawei RP200 version V600R006C00, update to a fixed version to resolve the issue.
For Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00, update to a fixed version to resolve the issue.
For Huawei TE40 versions V500R002C00, V600R006C00, update to a fixed version to resolve the issue.
For Huawei TE50 versions V500R002C00, V600R006C00, update to a fixed version to resolve the issue.
For Huawei TE60 versions V100R001C10, V500R002C00, V600R006C00, update to a fixed version to resolve the issue.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dp300
Rp200
Te30
Te40
Te50
Te60