CVE-2017-17147: Integer Overflow
First published: Fri Mar 09 2018(Updated: )
Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei Dp300 Firmware | <=v500r002c00 | |
| Huawei DP300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2017-17147.
What is the severity level of CVE-2017-17147?
The severity level of CVE-2017-17147 is medium with a value of 5.5.
How does the vulnerability CVE-2017-17147 affect Huawei DP300 V500R002C00?
The vulnerability CVE-2017-17147 affects Huawei DP300 V500R002C00 by allowing an authenticated local attacker to craft specific XML files, resulting in DoS attacks.
How can this vulnerability be exploited?
This vulnerability can be exploited by crafting malicious XML files and parsing them in the affected Huawei DP300 V500R002C00.
Is Huawei DP300 V500R002C00 the only affected software?
No, another affected software is Huawei DP300 Firmware.
- collector/nvd-index
- agent/type
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/huawei
- canonical/huawei dp300 firmware
- version/huawei dp300 firmware/v500r002c00
- canonical/huawei dp300