Vulnerability Description
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Cloudengine 12800 Firmware | v100r003c00 |
| Huawei | Cloudengine 12800 | - |
| Huawei | Cloudengine 5800 Firmware | v100r003c00 |
| Huawei | Cloudengine 5800 | - |
| Huawei | Cloudengine 6800 Firmware | v100r003c00 |
| Huawei | Cloudengine 6800 | - |
| Huawei | Cloudengine 7800 Firmware | v100r003c00 |
| Huawei | Cloudengine 7800 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-Vendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-Vendor Advisory
FAQ
What is CVE-2017-15349?
CVE-2017-15349 is a vulnerability with a CVSS score of 7.5 (HIGH). Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, ...
How severe is CVE-2017-15349?
CVE-2017-15349 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-15349?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Cloudengine 12800 Firmware, Huawei Cloudengine 12800, Huawei Cloudengine 5800 Firmware, Huawei Cloudengine 5800, Huawei Cloudengine 6800 Firmware.