Vulnerability Description
Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send malformed SOAP packets to the target device. Successful exploit could make the device access invalid memory and might reset a process.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Dp300 Firmware | v500r002c00 |
| Huawei | Dp300 | - |
| Huawei | Rp200 Firmware | v500r002c00 |
| Huawei | Rp200 | - |
| Huawei | Te30 Firmware | v100r001c10 |
| Huawei | Te30 | - |
| Huawei | Te40 Firmware | v500r002c00 |
| Huawei | Te40 | - |
| Huawei | Te50 Firmware | v500r002c00 |
| Huawei | Te50 | - |
| Huawei | Te60 Firmware | v100r001c10 |
| Huawei | Te60 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-enVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-soap-enVendor Advisory
FAQ
What is CVE-2017-17185?
CVE-2017-17185 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R...
How severe is CVE-2017-17185?
CVE-2017-17185 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-17185?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Dp300 Firmware, Huawei Dp300, Huawei Rp200 Firmware, Huawei Rp200, Huawei Te30 Firmware.