What is the severity of CVE-2017-15349?

The severity of CVE-2017-15349 is high, with a score of 7.5.

What is the vulnerability description of CVE-2017-15349?

CVE-2017-15349 is a memory leak vulnerability in Huawei CloudEngine and CloudEngine 5800, 6800, and 7800 series devices.

How can I fix CVE-2017-15349?

To fix CVE-2017-15349, Huawei recommends upgrading the firmware to V100R006C10SPC800 or a later version.

Where can I find more information about CVE-2017-15349?

More information about CVE-2017-15349 can be found on the Huawei Security Advisory website at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en.

Vulnerability/
CVE-2017-15349

high

7.5

CWE

772

15/2/2018

5/8/2024

CVE-2017-15349

First published: Thu Feb 15 2018(Updated: )

Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei Cloudengine 12800 Firmware	=v100r003c00
Huawei Cloudengine 12800 Firmware	=v100r005c00
Huawei Cloudengine 12800 Firmware	=v100r005c10
Huawei Cloudengine 12800 Firmware	=v100r006c00
Huawei CloudEngine 12800
Huawei Cloudengine 5800 Firmware	=v100r003c00
Huawei Cloudengine 5800 Firmware	=v100r005c00
Huawei Cloudengine 5800 Firmware	=v100r005c10
Huawei Cloudengine 5800 Firmware	=v100r006c00
Huawei CloudEngine 5800
Huawei Cloudengine 6800 Firmware	=v100r003c00
Huawei Cloudengine 6800 Firmware	=v100r005c00
Huawei Cloudengine 6800 Firmware	=v100r005c10
Huawei Cloudengine 6800 Firmware	=v100r006c00
Huawei CloudEngine 6800
Huawei Cloudengine 7800 Firmware	=v100r003c00
Huawei Cloudengine 7800 Firmware	=v100r005c00
Huawei Cloudengine 7800 Firmware	=v100r005c10
Huawei Cloudengine 7800 Firmware	=v100r006c00
Huawei Cloudengine 7800

Never miss a vulnerability like this again

Reference Links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en

Frequently Asked Questions

What is the severity of CVE-2017-15349?
The severity of CVE-2017-15349 is high, with a score of 7.5.
Which Huawei devices are affected by CVE-2017-15349?
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00, CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00, CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00, and CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 are affected by CVE-2017-15349.
What is the vulnerability description of CVE-2017-15349?
CVE-2017-15349 is a memory leak vulnerability in Huawei CloudEngine and CloudEngine 5800, 6800, and 7800 series devices.
How can I fix CVE-2017-15349?
To fix CVE-2017-15349, Huawei recommends upgrading the firmware to V100R006C10SPC800 or a later version.
Where can I find more information about CVE-2017-15349?
More information about CVE-2017-15349 can be found on the Huawei Security Advisory website at http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en.

collector/nvd-index
agent/severity
agent/references
agent/author
agent/type
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/softwarecombine
agent/tags
collector/mitre-cve
source/MITRE
vendor/huawei
canonical/huawei cloudengine 12800 firmware
version/huawei cloudengine 12800 firmware/v100r003c00
version/huawei cloudengine 12800 firmware/v100r005c00
version/huawei cloudengine 12800 firmware/v100r005c10
version/huawei cloudengine 12800 firmware/v100r006c00
canonical/huawei cloudengine 12800
canonical/huawei cloudengine 5800 firmware
version/huawei cloudengine 5800 firmware/v100r003c00
version/huawei cloudengine 5800 firmware/v100r005c00
version/huawei cloudengine 5800 firmware/v100r005c10
version/huawei cloudengine 5800 firmware/v100r006c00
canonical/huawei cloudengine 5800
canonical/huawei cloudengine 6800 firmware
version/huawei cloudengine 6800 firmware/v100r003c00
version/huawei cloudengine 6800 firmware/v100r005c00
version/huawei cloudengine 6800 firmware/v100r005c10
version/huawei cloudengine 6800 firmware/v100r006c00
canonical/huawei cloudengine 6800
canonical/huawei cloudengine 7800 firmware
version/huawei cloudengine 7800 firmware/v100r003c00
version/huawei cloudengine 7800 firmware/v100r005c00
version/huawei cloudengine 7800 firmware/v100r005c10
version/huawei cloudengine 7800 firmware/v100r006c00
canonical/huawei cloudengine 7800

CVE-2017-15349

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-15349?

Which Huawei devices are affected by CVE-2017-15349?

What is the vulnerability description of CVE-2017-15349?

How can I fix CVE-2017-15349?

Where can I find more information about CVE-2017-15349?

Company

Resources

Contact