CVE-2017-17304

CWE-20Improper Input Validation3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.2%
top 57.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Huawei Dp300 Firmware
Timeline
PublishedMar 9
Latest updateMay 13

Description

The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the protocol is implemented. An authenticated remote attacker could send a malicious message to a target system. Successful exploit could allow the attacker to tamper with business and make the system abnormal. Affected Huawei Products are: DP300 versions V500R002C00, V500R002C00B010, V500R002C00B011, V500R002C00B012, V500R002C00B013, V500R002C00B014,

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HExploitability: 1.2 | Impact: 5.2

Affected Packages1 packages

NVDhuawei/dp300_firmware17 versions+16

🔴Vulnerability Details

2
GHSA
GHSA-gj9x-3fhj-p23h: The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the2022-05-13
CVEList
CVE-2017-17304: The CIDAM Protocol on some Huawei Products has multiple input validation vulnerabilities due to insufficient validation of specific messages when the2018-03-09
CVE-2017-17304 (MEDIUM CVSS 6.5) | The CIDAM Protocol on some Huawei P | cvebase.io