CVE-2017-17200 - Vulnerability Details

Vendors	Products
Huawei	Dp300 Dp300 Firmware Rp200 Rp200 Firmware Te30 Te30 Firmware Te40 Te40 Firmware Te50 Te50 Firmware Te60 Te60 Firmware

Link	Providers
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "DP300; RP200; TE30; TE40; TE50; TE60", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "DP300 V500R002C00"}, {"status": "affected", "version": "RP200 V500R002C00"}, {"status": "affected", "version": "V600R006C00"}, {"status": "affected", "version": "TE30 V100R001C10"}, {"status": "affected", "version": "V500R002C00"}, {"status": "affected", "version": "TE40 V500R002C00"}, {"status": "affected", "version": "TE50 V500R002C00"}, {"status": "affected", "version": "TE60 V100R001C10"}]}], "datePublic": "2018-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."}], "problemTypes": [{"descriptions": [{"description": "out-of-bounds read", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-09T16:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2017-17200", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DP300; RP200; TE30; TE40; TE50; TE60", "version": {"version_data": [{"version_value": "DP300 V500R002C00"}, {"version_value": "RP200 V500R002C00"}, {"version_value": "V600R006C00"}, {"version_value": "TE30 V100R001C10"}, {"version_value": "V500R002C00"}, {"version_value": "V600R006C00"}, {"version_value": "TE40 V500R002C00"}, {"version_value": "V600R006C00"}, {"version_value": "TE50 V500R002C00"}, {"version_value": "V600R006C00"}, {"version_value": "TE60 V100R001C10"}, {"version_value": "V500R002C00"}, {"version_value": "V600R006C00"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "out-of-bounds read"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T20:43:59.891Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-17200", "datePublished": "2018-03-09T17:00:00", "dateReserved": "2017-12-04T00:00:00", "dateUpdated": "2024-08-05T20:43:59.891Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : DP300; RP200; TE30; TE40; TE50; TE60 (string)

vendor : Huawei Technologies Co., Ltd. (string)

versions : [ »

0 : { »

status : affected (string)

version : DP300 V500R002C00 (string)

}

1 : { »

status : affected (string)

version : RP200 V500R002C00 (string)

}

2 : { »

status : affected (string)

version : V600R006C00 (string)

}

3 : { »

status : affected (string)

version : TE30 V100R001C10 (string)

}

4 : { »

status : affected (string)

version : V500R002C00 (string)

}

5 : { »

status : affected (string)

version : TE40 V500R002C00 (string)

}

6 : { »

status : affected (string)

version : TE50 V500R002C00 (string)

}

7 : { »

status : affected (string)

version : TE60 V100R001C10 (string)

}

]

}

]

datePublic : 2018-02-07T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : out-of-bounds read (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2018-03-09T16:57:01 (string)

orgId : 25ac1063-e409-4190-8079-24548c77ea2e (string)

shortName : huawei (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : psirt@huawei.com (string)

ID : CVE-2017-17200 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : DP300; RP200; TE30; TE40; TE50; TE60 (string)

version : { »

version_data : [ »

0 : { »

version_value : DP300 V500R002C00 (string)

}

1 : { »

version_value : RP200 V500R002C00 (string)

}

2 : { »

version_value : V600R006C00 (string)

}

3 : { »

version_value : TE30 V100R001C10 (string)

}

4 : { »

version_value : V500R002C00 (string)

}

5 : { »

version_value : V600R006C00 (string)

}

6 : { »

version_value : TE40 V500R002C00 (string)

}

7 : { »

version_value : V600R006C00 (string)

}

8 : { »

version_value : TE50 V500R002C00 (string)

}

9 : { »

version_value : V600R006C00 (string)

}

10 : { »

version_value : TE60 V100R001C10 (string)

}

11 : { »

version_value : V500R002C00 (string)

}

12 : { »

version_value : V600R006C00 (string)

}

]

}

]

}

vendor_name : Huawei Technologies Co., Ltd. (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : out-of-bounds read (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en (string)

refsource : CONFIRM (string)

url : http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T20:43:59.891Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 25ac1063-e409-4190-8079-24548c77ea2e (string)

assignerShortName : huawei (string)

cveId : CVE-2017-17200 (string)

datePublished : 2018-03-09T17:00:00 (string)

dateReserved : 2017-12-04T00:00:00 (string)

dateUpdated : 2024-08-05T20:43:59.891Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*", "matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*", "matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*", "matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*", "matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*", "matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*", "matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*", "matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*", "matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*", "matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*", "matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*", "matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*", "matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*", "matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*", "matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*", "matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*", "matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*", "matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*", "matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable."}, {"lang": "es", "value": "Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00 y V600R006C000 tienen una vulnerabilidad de lectura fuera de l\u00edmites debido al procesamiento incorrecto de mensajes H323 mal formados. Un atacante remoto que controle un servidor podr\u00eda explotar esta vulnerabilidad enviando mensajes de respuesta H323 mal formados a un dispositivo objetivo. Un exploit con \u00e9xito podr\u00eda hacer que el dispositivo lea fuera de l\u00edmites y, probablemente, hacer que un servicio no est\u00e9 disponible."}], "id": "CVE-2017-17200", "lastModified": "2024-11-21T03:17:40.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-09T17:29:00.937", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 8871106B-D3AF-4CFB-A544-1FA411642428 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7F3483B2-9EB6-4E34-900A-945C04A3160D (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 67731A77-1DD4-49B2-B437-2850C9583750 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 98275088-2FBE-42F4-AAEC-DF02950B803D (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:* (string)

matchCriteriaId : DA3EF476-42D7-4758-8DCB-373F46BF1CF5 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 9DEA387B-4F45-438F-8086-6E80B553163C (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 018039EB-7265-4B71-B462-4734FD1D0503 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

3 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:* (string)

matchCriteriaId : DDD87254-ABAD-4DFF-BC0D-2CF030063D6F (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 931FD3B3-A333-4277-AE55-494F5DB9F09F (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 45C3AF58-E030-4E12-A2FD-A4337A5021ED (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

4 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:* (string)

matchCriteriaId : DF7A4D51-314B-4A77-86A7-9C5237BC4275 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:* (string)

matchCriteriaId : A70F8924-DC80-4D6F-BA3E-DBFE32FED788 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A4F188B3-0A63-4704-9B0D-F8DF5D973FA5 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

5 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:* (string)

matchCriteriaId : 092C9FAF-8892-4E16-9C0E-BB1E3488C6C4 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 01BC9042-0485-437F-811F-F8898B3B7EA7 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:* (string)

matchCriteriaId : 4A29049D-F472-4772-8750-20730DA624E9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 999117E9-90C8-4E76-90B5-7D364C0B84BF (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability due to the improper processing of malformed H323 messages. A remote attacker that controls a server could exploit this vulnerability by sending malformed H323 reply messages to a target device. Successful exploit could make the device read out of bounds and probably make a service unavailable. (string)

}

1 : { »

lang : es (string)

value : Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00 y V600R006C000 tienen una vulnerabilidad de lectura fuera de límites debido al procesamiento incorrecto de mensajes H323 mal formados. Un atacante remoto que controle un servidor podría explotar esta vulnerabilidad enviando mensajes de respuesta H323 mal formados a un dispositivo objetivo. Un exploit con éxito podría hacer que el dispositivo lea fuera de límites y, probablemente, hacer que un servicio no esté disponible. (string)

}

]

id : CVE-2017-17200 (string)

lastModified : 2024-11-21T03:17:40.213 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 5.9 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 2.2 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2018-03-09T17:29:00.937 (string)

references : [ »

0 : { »

source : psirt@huawei.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-03-h323-en (string)

}

]

sourceIdentifier : psirt@huawei.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-125 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object