HomePentest-Tools.com Logo

Huawei Data Communication: Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20171215-01-overflow) CVE-2017-17298

Severity
CVSSv3 Score
5.3
Vulnerability description

There is buffer overflow vulnerability in some Huawei products.

Risk description

There is buffer overflow vulnerability in some Huawei products. An unauthenticated, remote attacker may send specially crafted certificates to the affected products. Due to insufficient validation of the certificates, successful exploit may cause buffer overflow and some service abnormal. (Vulnerability ID: HWPSIRT-2017-07013)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17298.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. Successful exploit may cause buffer overflow and some service abnormal.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 15, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available