CVE-2017-17310

Name of the Vulnerable Software and Affected Versions: Huawei DP300 version V500R002C00 Huawei RP200 version V600R006C00 Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00 Huawei TE40 versions V500R002C00, V600R006C00 Huawei TE50 versions V500R002C00, V600R006C00 Huawei TE60 versions V100R001C10, V500R002C00, V600R006C00

Description: The Electronic Numbers to URI Mapping (ENUM) module in some Huawei products has a buffer error issue. This can be exploited by an unauthenticated, remote attacker who controls the peer device and sends specially crafted ENUM packets to the affected products. The issue arises due to insufficient verification of some values in the packets. Successful exploitation may cause a buffer error and result in some services becoming abnormal.

Recommendations: For Huawei DP300 version V500R002C00, update to a version that fixes the buffer error vulnerability in the ENUM module. For Huawei RP200 version V600R006C00, update to a version that fixes the buffer error vulnerability in the ENUM module. For Huawei TE30 versions V100R001C10, V500R002C00, V600R006C00, update to a version that fixes the buffer error vulnerability in the ENUM module. For Huawei TE40 versions V500R002C00, V600R006C00, update to a version that fixes the buffer error vulnerability in the ENUM module. For Huawei TE50 versions V500R002C00, V600R006C00, update to a version that fixes the buffer error vulnerability in the ENUM module. For Huawei TE60 versions V100R001C10, V500R002C00, V600R006C00, update to a version that fixes the buffer error vulnerability in the ENUM module.