HomePentest-Tools.com Logo

Huawei Data Communication: Input Validation Vulnerability in Multiple Huawei Products (huawei-sa-20171206-01-sctp) CVE-2017-15317

Severity
CVSSv3 Score
7.5
Vulnerability description

There is an input validation vulnerability in Huawei multiple products.

Risk description

There is an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an attacker may craft a malformed packet and send it to the device, causing the device to read out of bounds and restart. (Vulnerability ID: HWPSIRT-2017-01017)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15317.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. An attacker can exploit this vulnerability to make the device read out of bounds and restart.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 22, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available