CVE-2017-2722

CWE-20 — Improper Input Validation3 documents3 sources

Severity

8.8HIGH

EPSS

0.5%

top 35.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Dp300 Firmware Huawei Ecns210 TD Firmware Huawei Espace 7950 Firmware +5 more

Timeline

PublishedNov 22

Latest updateMay 17

Description

DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A re…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages8 packages

▶NVDhuawei/espace_7950_firmwarev200r003c00, v200r003c30+1

▶NVDhuawei/espace_u1981_firmware5 versions+4

▶NVDhuawei/espace_iad_firmwarev300r001c07spca00, v300r002c01spcb00+1

▶NVDhuawei/viewpoint_9030_firmwarev100r011c02, v100r011c03+1

▶NVDhuawei/te60_firmware5 versions+4

🔴Vulnerability Details

GHSA

GHSA-x3xv-mxfr-cgf8: DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C↗2022-05-17

▶

CVEList

CVE-2017-2722: DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C↗2017-11-22

▶