CVE-2017-15344
published 2018-02-15CVE-2017-15344: Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer…
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| huawei | ar120-s_firmware | — | — |
| huawei | ar120-s_firmware | — | — |
| huawei | ar120-s_firmware | — | — |
| huawei | ar120-s_firmware | — | — |
| huawei | ar1200_firmware | — | — |
| huawei | ar1200_firmware | — | — |
| huawei | ar3200_firmware | — | — |
| huawei | ar3200_firmware | — | — |
| huawei | ar3200_firmware | — | — |
| huawei_technologies_co_ltd | ar3200 | — | — |