CVE-2017-17199

Severity CVSS v4.0:

Pending analysis

Type:

CWE-125 Out-of-bounds Read

Publication date:

09/03/2018

Last modified:

29/03/2018

Description

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable.

Impact

Vector 3.x

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.90 MEDIUM
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x

5.90

Severity 3.x

MEDIUM

Vector 2.0

AV:N/AC:M/Au:N/C:N/I:N/A:P CVSS v2.0 Severity and Metrics:

Base Score: 4.30 MEDIUM
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Attack Vector (AV): Network
Attack Complexity (AC): Medium
Authentication (Au): None
Confidentiality (C): None
Integrity (I): None
Availability (A): Physical

Base Score 2.0

4.30

Severity 2.0

MEDIUM

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:::::::*
cpe:2.3:h:huawei:dp300:-:::::::*
cpe:2.3:o:huawei:rp200_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:rp200_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:rp200:-:::::::*
cpe:2.3:o:huawei:te30_firmware:v100r001c10:::::::*
cpe:2.3:o:huawei:te30_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:te30_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:te30:-:::::::*
cpe:2.3:o:huawei:te40_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:te40_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:te40:-:::::::*
cpe:2.3:o:huawei:te50_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:te50_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:te50:-:::::::*

To consult the complete list of CPE names with products and versions, see this page

References to Advisories, Solutions, and Tools

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en

CPE	From	Up to
cpe:2.3:o:huawei:dp300_firmware:v500r002c00:::::::*
cpe:2.3:h:huawei:dp300:-:::::::*
cpe:2.3:o:huawei:rp200_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:rp200_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:rp200:-:::::::*
cpe:2.3:o:huawei:te30_firmware:v100r001c10:::::::*
cpe:2.3:o:huawei:te30_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:te30_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:te30:-:::::::*
cpe:2.3:o:huawei:te40_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:te40_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:te40:-:::::::*
cpe:2.3:o:huawei:te50_firmware:v500r002c00:::::::*
cpe:2.3:o:huawei:te50_firmware:v600r006c00:::::::*
cpe:2.3:h:huawei:te50:-:::::::*