CVE-2017-15323: Input Validation
First published: Fri Mar 09 2018(Updated: )
Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Dp300 Firmware | =v500r002c00 | |
| Huawei DP300 | ||
| Huawei Nip6600 Firmware | =v500r001c00 | |
| Huawei Nip6600 Firmware | =v500r001c20 | |
| Huawei Nip6600 Firmware | =v500r001c30 | |
| Huawei Nip6600 | ||
| Huawei Secospace Usg6500 Firmware | =v500r001c00 | |
| Huawei Secospace Usg6500 Firmware | =v500r001c20 | |
| Huawei Secospace Usg6500 Firmware | =v500r001c30 | |
| Huawei Secospace Usg6500 | ||
| Huawei Te60 Firmware | =v100r001c01 | |
| Huawei Te60 Firmware | =v100r001c10 | |
| Huawei Te60 Firmware | =v100r003c00 | |
| Huawei Te60 Firmware | =v500r002c00 | |
| Huawei Te60 Firmware | =v600r006c00 | |
| Huawei TE60 | ||
| Huawei Tp3106 Firmware | =v100r001c06 | |
| Huawei Tp3106 Firmware | =v100r002c00 | |
| Huawei Tp3106 | ||
| Huawei Vp9660 Firmware | =v200r001c02 | |
| Huawei Vp9660 Firmware | =v200r001c30 | |
| Huawei Vp9660 Firmware | =v500r002c00 | |
| Huawei Vp9660 Firmware | =v500r002c10 | |
| Huawei VP9660 | ||
| Huawei Viewpoint 8660 Firmware | =v100r008c03 | |
| Huawei ViewPoint 8660 | ||
| Huawei Viewpoint 9030 Firmware | =v100r011c02 | |
| Huawei Viewpoint 9030 Firmware | =v100r011c03 | |
| Huawei Viewpoint 9030 | ||
| Huawei Ecns210 Td Firmware | =v100r004c10 | |
| Huawei Ecns210 Td | ||
| Huawei Espace U1981 Firmware | =v200r003c30 | |
| Huawei Espace U1981 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Huawei security advisory?
The vulnerability ID for this Huawei security advisory is CVE-2017-15323.
What is the severity of CVE-2017-15323?
The severity of CVE-2017-15323 is medium with a severity value of 5.5.
Which Huawei products are affected by CVE-2017-15323?
Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, Ecns210 TD V100R004C10, and Espace U1981 V200R003C30.
What is the CVE ID format for this vulnerability?
The CVE ID format for this vulnerability is CVE-YYYY-NNNNN.
Where can I find more information about CVE-2017-15323?
You can find more information about CVE-2017-15323 in the Huawei security advisory at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-en.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/author
- agent/references
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei dp300 firmware
- version/huawei dp300 firmware/v500r002c00
- canonical/huawei dp300
- canonical/huawei nip6600 firmware
- version/huawei nip6600 firmware/v500r001c00
- version/huawei nip6600 firmware/v500r001c20
- version/huawei nip6600 firmware/v500r001c30
- canonical/huawei nip6600
- canonical/huawei secospace usg6500 firmware
- version/huawei secospace usg6500 firmware/v500r001c00
- version/huawei secospace usg6500 firmware/v500r001c20
- version/huawei secospace usg6500 firmware/v500r001c30
- canonical/huawei secospace usg6500
- canonical/huawei te60 firmware
- version/huawei te60 firmware/v100r001c01
- version/huawei te60 firmware/v100r001c10
- version/huawei te60 firmware/v100r003c00
- version/huawei te60 firmware/v500r002c00
- version/huawei te60 firmware/v600r006c00
- canonical/huawei te60
- canonical/huawei tp3106 firmware
- version/huawei tp3106 firmware/v100r001c06
- version/huawei tp3106 firmware/v100r002c00
- canonical/huawei tp3106
- canonical/huawei vp9660 firmware
- version/huawei vp9660 firmware/v200r001c02
- version/huawei vp9660 firmware/v200r001c30
- version/huawei vp9660 firmware/v500r002c00
- version/huawei vp9660 firmware/v500r002c10
- canonical/huawei vp9660
- canonical/huawei viewpoint 8660 firmware
- version/huawei viewpoint 8660 firmware/v100r008c03
- canonical/huawei viewpoint 8660
- canonical/huawei viewpoint 9030 firmware
- version/huawei viewpoint 9030 firmware/v100r011c02
- version/huawei viewpoint 9030 firmware/v100r011c03
- canonical/huawei viewpoint 9030
- canonical/huawei ecns210 td firmware
- version/huawei ecns210 td firmware/v100r004c10
- canonical/huawei ecns210 td
- canonical/huawei espace u1981 firmware
- version/huawei espace u1981 firmware/v200r003c30
- canonical/huawei espace u1981