CVE-2017-15342: Buffer Overflow
First published: Thu Feb 15 2018(Updated: )
Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace U1981 V200R003C30SPC100 have a denial of service vulnerability. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in the buffer and then denial of service.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Dp300 Firmware | =v500r002c00 | |
| Huawei DP300 | ||
| Huawei Te60 Firmware | =v600r006c00 | |
| Huawei TE60 | ||
| Huawei Tp3106 Firmware | =v100r002c00 | |
| Huawei Tp3106 | ||
| Huawei Espace U1981 Firmware | =v200r003c30spc100 | |
| Huawei Espace U1981 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability severity of CVE-2017-15342?
The vulnerability severity of CVE-2017-15342 is high with a severity value of 7.5.
How does CVE-2017-15342 impact Huawei DP300 V500R002C00?
CVE-2017-15342 can cause a denial of service vulnerability in Huawei DP300 V500R002C00 as the software does not correctly calculate the rest size in a buffer when handling SSL connections.
Is Huawei DP300 V500R002C00 vulnerable to CVE-2017-15342?
Yes, Huawei DP300 V500R002C00 is vulnerable to CVE-2017-15342.
How can I fix the CVE-2017-15342 vulnerability?
To fix the CVE-2017-15342 vulnerability, it is recommended to apply the security patch provided by Huawei. Please refer to the official Huawei security advisory for more information.
Where can I find more information about CVE-2017-15342?
You can find more information about CVE-2017-15342 in the official Huawei security advisory available at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ssl-en.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei dp300 firmware
- version/huawei dp300 firmware/v500r002c00
- canonical/huawei dp300
- canonical/huawei te60 firmware
- version/huawei te60 firmware/v600r006c00
- canonical/huawei te60
- canonical/huawei tp3106 firmware
- version/huawei tp3106 firmware/v100r002c00
- canonical/huawei tp3106
- canonical/huawei espace u1981 firmware
- version/huawei espace u1981 firmware/v200r003c30spc100
- canonical/huawei espace u1981