CVE-2017-15333: Input Validation
First published: Thu Feb 15 2018(Updated: )
XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,eCNS210_TD V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400 has a DOS vulnerability. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file, successful exploit will result in DOS attacks.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei S12700 Firmware | =v200r005c00 | |
| Huawei S12700 Firmware | ||
| Huawei S1700 Firmware | =v200r009c00 | |
| Huawei S1700 Firmware | =v200r010c00 | |
| Huawei S1700 Firmware | ||
| Huawei Campus S5700 firmware | =v200r001c00 | |
| Huawei Campus S5700 firmware | =v200r002c00 | |
| Huawei Campus S5700 firmware | =v200r003c00 | |
| Huawei Campus S5700 firmware | =v200r003c02 | |
| Huawei Campus S5700 firmware | =v200r005c00 | |
| Huawei Campus S5700 firmware | =v200r006c00 | |
| Huawei Campus S5700 firmware | =v200r007c00 | |
| Huawei Campus S5700 firmware | =v200r008c00 | |
| Huawei Campus S5700 firmware | =v200r009c00 | |
| Huawei Campus S5700 firmware | =v200r010c00 | |
| Huawei S5700 Firmware | ||
| Huawei 6700EI firmware | =v200r001c00 | |
| Huawei 6700EI firmware | =v200r002c00 | |
| Huawei 6700EI firmware | =v200r003c00 | |
| Huawei 6700EI firmware | =v200r005c00 | |
| Huawei 6700EI firmware | =v200r005c02 | |
| Huawei 6700EI firmware | =v200r008c00 | |
| Huawei 6700EI firmware | =v200r009c00 | |
| Huawei 6700EI firmware | =v200r010c00 | |
| Huawei S6700 Firmware | ||
| Huawei Campus S7700 firmware | =v200r001c00 | |
| Huawei Campus S7700 firmware | =v200r002c00 | |
| Huawei Campus S7700 firmware | =v200r003c00 | |
| Huawei Campus S7700 firmware | =v200r005c00 | |
| Huawei Campus S7700 firmware | =v200r006c00 | |
| Huawei Campus S7700 firmware | =v200r007c00 | |
| Huawei Campus S7700 firmware | =v200r008c00 | |
| Huawei Campus S7700 firmware | =v200r009c00 | |
| Huawei Campus S7700 firmware | =v200r010c00 | |
| Huawei Campus S7700 | ||
| Huawei LSW S9700 firmware | =v200r001c00 | |
| Huawei LSW S9700 firmware | =v200r002c00 | |
| Huawei LSW S9700 firmware | =v200r003c00 | |
| Huawei LSW S9700 firmware | =v200r005c00 | |
| Huawei LSW S9700 firmware | =v200r006c00 | |
| Huawei LSW S9700 firmware | =v200r007c00 | |
| Huawei LSW S9700 firmware | =v200r008c00 | |
| Huawei LSW S9700 firmware | =v200r009c00 | |
| Huawei LSW S9700 firmware | =v200r010c00 | |
| Huawei 9700 Firmware | ||
| Huawei eCNS210 TD firmware | =v100r004c10 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc003 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc100 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc101 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc102 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc200 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc221 | |
| Huawei eCNS210 TD firmware | =v100r004c10spc400 | |
| Huawei eCNS210 TD firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-15333?
CVE-2017-15333 has been classified with a high severity due to its potential impact on device security.
How do I fix CVE-2017-15333?
To fix CVE-2017-15333, ensure that your affected Huawei devices are updated to the latest firmware version that contains the security patch.
Which Huawei devices are affected by CVE-2017-15333?
CVE-2017-15333 affects multiple Huawei devices including the S12700, S1700, S5700, S6700, S7700, and S9700 firmware versions as listed.
What type of vulnerability is CVE-2017-15333?
CVE-2017-15333 is an XML parsing vulnerability that can lead to various security risks.
Is there a workaround for CVE-2017-15333?
Currently, the best mitigation for CVE-2017-15333 is applying the appropriate firmware update as no workaround is recommended.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei s12700 firmware
- version/huawei s12700 firmware/v200r005c00
- canonical/huawei s1700 firmware
- version/huawei s1700 firmware/v200r009c00
- version/huawei s1700 firmware/v200r010c00
- canonical/huawei campus s5700 firmware
- version/huawei campus s5700 firmware/v200r001c00
- version/huawei campus s5700 firmware/v200r002c00
- version/huawei campus s5700 firmware/v200r003c00
- version/huawei campus s5700 firmware/v200r003c02
- version/huawei campus s5700 firmware/v200r005c00
- version/huawei campus s5700 firmware/v200r006c00
- version/huawei campus s5700 firmware/v200r007c00
- version/huawei campus s5700 firmware/v200r008c00
- version/huawei campus s5700 firmware/v200r009c00
- version/huawei campus s5700 firmware/v200r010c00
- canonical/huawei s5700 firmware
- canonical/huawei 6700ei firmware
- version/huawei 6700ei firmware/v200r001c00
- version/huawei 6700ei firmware/v200r002c00
- version/huawei 6700ei firmware/v200r003c00
- version/huawei 6700ei firmware/v200r005c00
- version/huawei 6700ei firmware/v200r005c02
- version/huawei 6700ei firmware/v200r008c00
- version/huawei 6700ei firmware/v200r009c00
- version/huawei 6700ei firmware/v200r010c00
- canonical/huawei s6700 firmware
- canonical/huawei campus s7700 firmware
- version/huawei campus s7700 firmware/v200r001c00
- version/huawei campus s7700 firmware/v200r002c00
- version/huawei campus s7700 firmware/v200r003c00
- version/huawei campus s7700 firmware/v200r005c00
- version/huawei campus s7700 firmware/v200r006c00
- version/huawei campus s7700 firmware/v200r007c00
- version/huawei campus s7700 firmware/v200r008c00
- version/huawei campus s7700 firmware/v200r009c00
- version/huawei campus s7700 firmware/v200r010c00
- canonical/huawei campus s7700
- canonical/huawei lsw s9700 firmware
- version/huawei lsw s9700 firmware/v200r001c00
- version/huawei lsw s9700 firmware/v200r002c00
- version/huawei lsw s9700 firmware/v200r003c00
- version/huawei lsw s9700 firmware/v200r005c00
- version/huawei lsw s9700 firmware/v200r006c00
- version/huawei lsw s9700 firmware/v200r007c00
- version/huawei lsw s9700 firmware/v200r008c00
- version/huawei lsw s9700 firmware/v200r009c00
- version/huawei lsw s9700 firmware/v200r010c00
- canonical/huawei 9700 firmware
- canonical/huawei ecns210 td firmware
- version/huawei ecns210 td firmware/v100r004c10
- version/huawei ecns210 td firmware/v100r004c10spc003
- version/huawei ecns210 td firmware/v100r004c10spc100
- version/huawei ecns210 td firmware/v100r004c10spc101
- version/huawei ecns210 td firmware/v100r004c10spc102
- version/huawei ecns210 td firmware/v100r004c10spc200
- version/huawei ecns210 td firmware/v100r004c10spc221
- version/huawei ecns210 td firmware/v100r004c10spc400