First published: Wed Nov 22 2017(Updated: )
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.
Credit: psirt@huawei.com
Affected Software | Affected Version | How to fix |
---|---|---|
=v100r001c00 | ||
Huawei Tp3106 Firmware | =v100r002c00 | |
Huawei Tp3106 | ||
Huawei Tp3206 Firmware | =v100r002c00 | |
Huawei Tp3206 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2017-8200 is medium.
CVE-2017-8200 is an out-of-bounds read vulnerability in the H323 protocol.
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 are affected by CVE-2017-8200.
An attacker can exploit CVE-2017-8200 by logging into the system as a user and sending crafted packets to the affected products.
References for CVE-2017-8200 can be found at the following links: [link1](http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-h323-en) and [link2](http://www.securityfocus.com/bid/101948).