CVE-2017-17284 — Huawei Dp300 Firmware vulnerability

3 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 54.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Dp300 Firmware Huawei Rp200 Firmware Huawei Te30 Firmware +3 more

Timeline

PublishedFeb 15

Latest updateMay 13

Description

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00 have a resource management error vulnerability. A remote attacker may send huge number of specially crafted SIP messages to the affected products. Due to improper handling of some value in the messages, successful exploit will cause some services abnormal.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages6 packages

▶NVDhuawei/te30_firmwarev100r001c10, v500r002c00, v600r006c00+2

▶NVDhuawei/te40_firmwarev500r002c00, v600r006c00+1

▶NVDhuawei/te50_firmwarev500r002c00, v600r006c00+1

▶NVDhuawei/te60_firmware4 versions+3

▶NVDhuawei/dp300_firmwarev500r002c00

🔴Vulnerability Details

GHSA

GHSA-cxq6-qq6f-4c93: Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00,↗2022-05-13

▶

CVEList

CVE-2017-17284: Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00,↗2018-02-15

▶