CVE-2017-17284

Name of the Vulnerable Software and Affected Versions: Huawei DP300 versions V500R002C00 Huawei RP200 versions V500R002C00, V600R006C00 Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00 Huawei TE40 versions V500R002C00, V600R006C00 Huawei TE50 versions V500R002C00, V600R006C00 Huawei TE60 versions V100R001C01, V100R001C10, V500R002C00, V600R006C00

Description: The issue is related to a resource management error. A remote attacker can send a huge number of specially crafted SIP messages to the affected products. The successful exploit will cause some services to become abnormal due to improper handling of some values in the messages.

Recommendations: For Huawei DP300 version V500R002C00, update to a version that fixes the resource management error vulnerability. For Huawei RP200 versions V500R002C00, V600R006C00, update to a version that fixes the resource management error vulnerability. For Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00, update to a version that fixes the resource management error vulnerability. For Huawei TE40 versions V500R002C00, V600R006C00, update to a version that fixes the resource management error vulnerability. For Huawei TE50 versions V500R002C00, V600R006C00, update to a version that fixes the resource management error vulnerability. For Huawei TE60 versions V100R001C01, V100R001C10, V500R002C00, V600R006C00, update to a version that fixes the resource management error vulnerability. As a temporary workaround, consider restricting the handling of SIP messages to minimize the risk of exploitation.