What is the severity of CVE-2017-17317?

The severity of CVE-2017-17317 is medium with a severity value of 3.7.

How can I fix CVE-2017-17317?

To fix CVE-2017-17317, please refer to the security advisory provided by Huawei at the following link: [https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en)

What is the Common Open Policy Service Protocol (COPS) module?

The Common Open Policy Service Protocol (COPS) module is a protocol used for managing policy information between a policy decision point (PDP) and a policy enforcement point (PEP) in a network.

What is the CWE classification for CVE-2017-17317?

The CWE classification for CVE-2017-17317 is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-20 (Improper Input Validation).

Vulnerability/
CVE-2017-17317

medium

4.3

CWE

119 20

2/7/2018

24/8/2018

CVE-2017-17317: Buffer Overflow

First published: Mon Jul 02 2018(Updated: )

Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei Dp300 Firmware	=v500r002c00
Huawei DP300
Huawei Rp200 Firmware	=v500r002c00
Huawei Rp200 Firmware	=v600r006c00
Huawei Rp200
Huawei Te30 Firmware	=v100r001c02
Huawei Te30 Firmware	=v100r001c10
Huawei Te30 Firmware	=v500r002c00
Huawei Te30 Firmware	=v600r006c00
Huawei TE30
Huawei Te40 Firmware	=v500r002c00
Huawei Te40 Firmware	=v600r006c00
Huawei Te40
Huawei Te50 Firmware	=v500r002c00
Huawei Te50 Firmware	=v600r006c00
Huawei Te50
Huawei Te60 Firmware	=v100r001c01
Huawei Te60 Firmware	=v100r001c10
Huawei Te60 Firmware	=v500r002c00
Huawei Te60 Firmware	=v600r006c00
Huawei TE60

Never miss a vulnerability like this again

Reference Links

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en

Frequently Asked Questions

What is the severity of CVE-2017-17317?
The severity of CVE-2017-17317 is medium with a severity value of 3.7.
Which software versions are affected by CVE-2017-17317?
Huawei USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, and Secospace USG6600 V100R001C00 are affected by CVE-2017-17317.
How can I fix CVE-2017-17317?
To fix CVE-2017-17317, please refer to the security advisory provided by Huawei at the following link: [https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en](https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en)
What is the Common Open Policy Service Protocol (COPS) module?
The Common Open Policy Service Protocol (COPS) module is a protocol used for managing policy information between a policy decision point (PDP) and a policy enforcement point (PEP) in a network.
What is the CWE classification for CVE-2017-17317?
The CWE classification for CVE-2017-17317 is CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-20 (Improper Input Validation).

collector/nvd-index
vendor/huawei
canonical/huawei dp300 firmware
version/huawei dp300 firmware/v500r002c00
canonical/huawei dp300
canonical/huawei rp200 firmware
version/huawei rp200 firmware/v500r002c00
version/huawei rp200 firmware/v600r006c00
canonical/huawei rp200
canonical/huawei te30 firmware
version/huawei te30 firmware/v100r001c02
version/huawei te30 firmware/v100r001c10
version/huawei te30 firmware/v500r002c00
version/huawei te30 firmware/v600r006c00
canonical/huawei te30
canonical/huawei te40 firmware
version/huawei te40 firmware/v500r002c00
version/huawei te40 firmware/v600r006c00
canonical/huawei te40
canonical/huawei te50 firmware
version/huawei te50 firmware/v500r002c00
version/huawei te50 firmware/v600r006c00
canonical/huawei te50
canonical/huawei te60 firmware
version/huawei te60 firmware/v100r001c01
version/huawei te60 firmware/v100r001c10
version/huawei te60 firmware/v500r002c00
version/huawei te60 firmware/v600r006c00
canonical/huawei te60

CVE-2017-17317: Buffer Overflow

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-17317?

Which software versions are affected by CVE-2017-17317?

How can I fix CVE-2017-17317?

What is the Common Open Policy Service Protocol (COPS) module?

What is the CWE classification for CVE-2017-17317?

Company

Resources

Contact