Published: 02/07/2018 Updated: 11/09/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.

Vulnerable Product	Search on Vulmon	Subscribe to Product
huawei dp300_firmware v500r002c00
huawei rp200_firmware v500r002c00
huawei rp200_firmware v600r006c00
huawei te30_firmware v100r001c10
huawei te30_firmware v500r002c00
huawei te30_firmware v600r006c00
huawei te40_firmware v500r002c00
huawei te40_firmware v600r006c00
huawei te50_firmware v600r006c00
huawei te50_firmware v500r002c00
huawei te60_firmware v100r001c10
huawei te60_firmware v600r006c00
huawei te60_firmware v500r002c00

CWE-125 https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-sccp-en https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-17316

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect