CVE-2017-15336

CWE-119 — Buffer Overflow3 documents3 sources

Severity

5.3MEDIUM

EPSS

0.2%

top 59.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Dp300 Firmware Huawei Espace U1981 Firmware Huawei IPS Module Firmware +23 more

Timeline

PublishedFeb 15

Latest updateMay 14

Description

The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, RP200 V500R002C00, V600R006C00, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SV…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages26 packages

▶NVDhuawei/secospace_usg6300_firmware7 versions+6

▶NVDhuawei/secospace_usg6500_firmware7 versions+6

▶NVDhuawei/secospace_usg6600_firmware7 versions+6

▶NVDhuawei/ngfw_module_firmware7 versions+6

▶NVDhuawei/viewpoint_8660_firmwarev100r008c03

🔴Vulnerability Details

GHSA

GHSA-c25x-6c3c-cxch: The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C↗2022-05-14

▶

CVEList

CVE-2017-15336: The SIP backup feature in Huawei DP300 V500R002C00, IPS Module V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C↗2018-02-15

▶