CVE-2017-15315

CWE-7723 documents3 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 63.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Huawei Nip6300 FirmwareHuawei Nip6600 FirmwareHuawei Secospace Usg6300 Firmware+1 more
Timeline
PublishedMar 9
Latest updateMay 13

Description

Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

NVDhuawei/secospace_usg6300_firmwarev500r001c20spc100, v500r001c20spc200+1
NVDhuawei/secospace_usg6500_firmwarev500r001c20spc100, v500r001c20spc200+1
NVDhuawei/nip6300_firmwarev500r001c20spc100, v500r001c20spc200+1
NVDhuawei/nip6600_firmwarev500r001c20spc100, v500r001c20spc200+1

🔴Vulnerability Details

2
GHSA
GHSA-6cw3-whjr-xwjw: Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC1002022-05-13
CVEList
CVE-2017-15315: Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC1002018-03-09
CVE-2017-15315 (MEDIUM CVSS 6.5) | Patch module of Huawei NIP6300 V500 | cvebase.io