CVE-2017-15317

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.5HIGH

EPSS

0.1%

top 64.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Technologies Co., Ltd. Ar120-s Huawei Technologies Co., Ltd. Ar1200 Huawei Technologies Co., Ltd. Ar1200-s +27 more

Timeline

PublishedDec 22

Latest updateMay 14

Description

AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages30 packages

▶NVDhuawei/ar1200_firmware7 versions+6

▶NVDhuawei/ar1200-s_firmware4 versions+3

▶CVEListV5huawei_technologies_co.,_ltd./ar12007 versions+6

▶CVEListV5huawei_technologies_co.,_ltd./ar1200-s4 versions+3

▶NVDhuawei/ar150_firmware6 versions+5

🔴Vulnerability Details

GHSA

GHSA-36mc-vj3q-5jw7: AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R↗2022-05-14

▶

CVEList

CVE-2017-15317: AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R↗2017-12-22

▶

External resources

NVD MITRE

Affected products30

Huawei Ar120-s Firmwarevv200r006c10vv200r007c00vv200r008c20+1 more

Huawei Ar1200 Firmwarevv200r006c10vv200r006c13vv200r007c00+4 more

Huawei Ar1200-s Firmwarevv200r006c10vv200r007c00vv200r008c20+1 more

Huawei Ar150 Firmwarevv200r006c10vv200r007c00vv200r007c01+3 more

Huawei Ar150-s Firmwarevv200r006c10vv200r007c00vv200r008c20+1 more

Huawei Ar160 Firmwarevv200r006c10vv200r006c12vv200r007c00+4 more

Huawei Ar200 Firmwarevv200r006c10vv200r007c00vv200r007c01+2 more

Huawei Ar200-s Firmwarevv200r006c10vv200r007c00vv200r008c20+1 more

Huawei Ar2200 Firmwarevv200r006c10vv200r006c13vv200r006c16+5 more

Huawei Ar2200-s Firmwarevv200r006c10vv200r007c00vv200r008c20+1 more

Disclosure

PublishedDec 22, 2017

Latest updateMay 14, 2022