Huawei Data Communication: Input Validation Vulnerability in Multiple Huawei Products (huawei-sa-20171206-01-sctp) CVE-2017-15317
- CVSSv3 Score
- Vulnerability description
There is an input validation vulnerability in Huawei multiple products.
- Risk description
There is an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an attacker may craft a malformed packet and send it to the device, causing the device to read out of bounds and restart. (Vulnerability ID: HWPSIRT-2017-01017)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15317.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. An attacker can exploit this vulnerability to make the device read out of bounds and restart.
See the referenced vendor advisory for a solution.
- Not available