1. Home
  2. CVE Database
  3. CVE-2017-15323
MEDIUM · 5.5

CVE-2017-15323

Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, ...

Vulnerability Description

Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).

CVSS Score

5.5

MEDIUM

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
HuaweiDp300 Firmwarev500r002c00
HuaweiDp300-
HuaweiNip6600 Firmwarev500r001c00
HuaweiNip6600-
HuaweiSecospace Usg6500 Firmwarev500r001c00
HuaweiSecospace Usg6500-
HuaweiTe60 Firmwarev100r001c01
HuaweiTe60-
HuaweiTp3106 Firmwarev100r001c06
HuaweiTp3106-
HuaweiVp9660 Firmwarev200r001c02
HuaweiVp9660-
HuaweiViewpoint 8660 Firmwarev100r008c03
HuaweiViewpoint 8660-
HuaweiViewpoint 9030 Firmwarev100r011c02
HuaweiViewpoint 9030-
HuaweiEcns210 Td Firmwarev100r004c10
HuaweiEcns210 Td-
HuaweiEspace U1981 Firmwarev200r003c30
HuaweiEspace U1981-

Related Weaknesses (CWE)

CWE-400

References

FAQ

What is CVE-2017-15323?

CVE-2017-15323 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, ...

How severe is CVE-2017-15323?

CVE-2017-15323 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-15323?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Dp300 Firmware, Huawei Dp300, Huawei Nip6600 Firmware, Huawei Nip6600, Huawei Secospace Usg6500 Firmware.