Vulnerability Description
Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted ENUM packets to the affected products. Due to insufficient verification of some values in the packets, successful exploit may cause buffer error and some services abnormal.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Huawei | Dp300 Firmware | v500r002c00spcb00 |
| Huawei | Dp300 | - |
| Huawei | Rp200 Firmware | v600r006c00 |
| Huawei | Rp200 | - |
| Huawei | Te30 Firmware | v100r001c10 |
| Huawei | Te30 | - |
| Huawei | Te40 Firmware | v500r002c00 |
| Huawei | Te40 | - |
| Huawei | Te50 Firmware | v500r002c00 |
| Huawei | Te50 | - |
| Huawei | Te60 Firmware | v100r001c10 |
| Huawei | Te60 | - |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-enVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180418-01-enum-enVendor Advisory
FAQ
What is CVE-2017-17310?
CVE-2017-17310 is a vulnerability with a CVSS score of 7.5 (HIGH). Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C0...
How severe is CVE-2017-17310?
CVE-2017-17310 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-17310?
Check the references section above for vendor advisories and patch information. Affected products include: Huawei Dp300 Firmware, Huawei Dp300, Huawei Rp200 Firmware, Huawei Rp200, Huawei Te30 Firmware.