CVE-2017-17166

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 54.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Huawei Dp300 FirmwareHuawei Secospace Usg6300 FirmwareHuawei Secospace Usg6500 Firmware+3 more
Timeline
PublishedFeb 15
Latest updateMay 14

Description

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploi

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages6 packages

NVDhuawei/dp300_firmwarev500r002c00
NVDhuawei/tp3206_firmwarev100r002c00

🔴Vulnerability Details

2
GHSA
GHSA-j768-42wh-9h32: Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C32022-05-14
CVEList
CVE-2017-17166: Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C32018-02-15
CVE-2017-17166 (MEDIUM CVSS 5.3) | Huawei DP300 V500R002C00 | cvebase.io