CVE-2017-17329 — Missing Release of Resource after Effective Lifetime in Technologies CO LTD Viewpoint 8660

CWE-772 — Missing Release of Resource after Effective Lifetime3 documents3 sources

Severity

3.3LOWNVD

EPSS

0.0%

top 92.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Technologies CO LTD Viewpoint 8660 Huawei Viewpoint 8660 Firmware

Timeline

PublishedMar 9

Latest updateMay 13

Description

Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶NVDhuawei/viewpoint_8660_firmwarev100r008c03

▶CVEListV5huawei_technologies_co_ltd/viewpoint_8660V100R008C03

🔴Vulnerability Details

GHSA

GHSA-4hjg-62xc-cfw3: Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability↗2022-05-13

▶

CVEList

CVE-2017-17329: Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability↗2018-03-09

▶