HomePentest-Tools.com Logo

Huawei Data Communication: Input Validation Vulnerability in H323 Protocol of Huawei products (huawei-sa-20171206-01-h323) CVE-2017-17151

Severity
CVSSv3 Score
5.9
Vulnerability description

There is an insufficient validation vulnerability in some Huawei products.

Risk description

There is an insufficient validation vulnerability in some Huawei products. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packets and result in DOS attacks. (Vulnerability ID: HWPSIRT-2017-03125)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17151.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. Successful exploit could allow the attacker to send malicious packets and result in DOS attacks.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Feb 15, 2018
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available