1. Home
  2. CVE Database
  3. CVE-2017-17166
MEDIUM · 5.3

CVE-2017-17166

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V50...

Vulnerability Description

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack memory is exhausted.

CVSS Score

5.3

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
HuaweiDp300 Firmwarev500r002c00
HuaweiDp300-
HuaweiSecospace Usg6300 Firmwarev500r001c00
HuaweiSecospace Usg6300-
HuaweiSecospace Usg6500 Firmwarev500r001c00
HuaweiSecospace Usg6500-
HuaweiSecospace Usg6600 Firmwarev500r001c00
HuaweiSecospace Usg6600-
HuaweiTp3206 Firmwarev100r002c00
HuaweiTp3206-
HuaweiVp9660 Firmwarev500r002c00
HuaweiVp9660-

Related Weaknesses (CWE)

CWE-400

References

FAQ

What is CVE-2017-17166?

CVE-2017-17166 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V50...

How severe is CVE-2017-17166?

CVE-2017-17166 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-17166?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Dp300 Firmware, Huawei Dp300, Huawei Secospace Usg6300 Firmware, Huawei Secospace Usg6300, Huawei Secospace Usg6500 Firmware.