1. Home
  2. CVE Database
  3. CVE-2017-15314
MEDIUM · 5.5

CVE-2017-15314

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600...

Vulnerability Description

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiDp300 Firmwarev500r002c00
HuaweiDp300-
HuaweiRp200 Firmwarev500r002c00spc200
HuaweiRp200-
HuaweiTe30 Firmwarev100r001c10spc300
HuaweiTe30-
HuaweiTe40 Firmwarev500r002c00spc600
HuaweiTe40-
HuaweiTe50 Firmwarev500r002c00spc600
HuaweiTe50-
HuaweiTe60 Firmwarev100r001c10
HuaweiTe60-

Related Weaknesses (CWE)

CWE-772

References

FAQ

What is CVE-2017-15314?

CVE-2017-15314 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600...

How severe is CVE-2017-15314?

CVE-2017-15314 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-15314?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Dp300 Firmware, Huawei Dp300, Huawei Rp200 Firmware, Huawei Rp200, Huawei Te30 Firmware.