Details of VAR-201802-0550

ID

VAR-201802-0550

CVE

CVE-2017-15331

TITLE

plural Huawei Product out-of-bounds vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-012502

DESCRIPTION

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, MAX PRESENCE V100R001C00, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00SPC200, V600R006C00, RSE6500 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, V500R002C00T, V600R006C00, V600R006C00T, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, ViewPoint 9030 V100R011C02, V100R011C03, have an out-of-bounds read vulnerability in H323 protocol. An unauthenticated, remote attacker may send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. plural Huawei The product contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei AR and SRG series enterprise routers are Huawei's all-in-one routers for small and medium-sized offices or small and medium-sized enterprises. Huawei's SVN series products are Huawei's secure access gateway products; NIP6300/6600 series products and SecospaceUSG series. Huawei is a new generation of professional intrusion prevention and firewall products for customers such as enterprises, IDCs, campus networks and operators. The TE series is a high definition video conferencing terminal that supports 1080p60. A cross-border read vulnerability exists in the H323 protocol of several Huawei products. The vulnerability is caused by the program failing to fully verify the message. The attacker restarts the process by sending a specially constructed packet. Huawei AR120-S and others are all router products of China Huawei (Huawei). There are security vulnerabilities in several Huawei products. A remote attacker could exploit this vulnerability to cause a denial of service (out-of-bounds read and process restart). The following products and versions are affected: Huawei AR120-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR1200 V200R006C10 Version, V200R006C13 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR1200-S V200R006C10 Version , V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30-S; AR15

Trust: 2.25

sources: NVD: CVE-2017-15331 // JVNDB: JVNDB-2017-012502 // CNVD: CNVD-2017-35591 // VULHUB: VHN-106143

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-35591

AFFECTED PRODUCTS

vendor:	huawei	model:	viewpoint 9030	scope:	eq	version:	v100r011c03	Trust: 1.6
vendor:	huawei	model:	usg9500	scope:	eq	version:	v500r001c50	Trust: 1.6
vendor:	huawei	model:	usg9580	scope:	eq	version:	v300r001c20	Trust: 1.6
vendor:	huawei	model:	usg9560	scope:	eq	version:	v300r001c01	Trust: 1.6
vendor:	huawei	model:	usg9520	scope:	eq	version:	v300r001c01	Trust: 1.6
vendor:	huawei	model:	viewpoint 9030	scope:	eq	version:	v100r011c02	Trust: 1.6
vendor:	huawei	model:	usg9500	scope:	eq	version:	v500r001c30	Trust: 1.6
vendor:	huawei	model:	usg9520	scope:	eq	version:	v300r001c20	Trust: 1.6
vendor:	huawei	model:	usg9560	scope:	eq	version:	v300r001c20	Trust: 1.6
vendor:	huawei	model:	usg9580	scope:	eq	version:	v300r001c01	Trust: 1.6
vendor:	huawei	model:	secospace usg6300 v500r001c00	scope:	-	version:	-	Trust: 1.2
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v100r001c10spc200	Trust: 1.0
vendor:	huawei	model:	te30	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v100r001c10spc200	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r006c11	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	svn5800	scope:	eq	version:	v200r003c00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r006c13	Trust: 1.0
vendor:	huawei	model:	tp3106	scope:	eq	version:	v100r002c00	Trust: 1.0
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v100r001c30	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v500r002c00t	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v100r001c30	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c10	Trust: 1.0
vendor:	huawei	model:	te60	scope:	eq	version:	v600r006c00	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c16	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r006c13	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v100r003c10	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v100r001c30	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	svn5600	scope:	eq	version:	v200r003c10	Trust: 1.0
vendor:	huawei	model:	te60	scope:	eq	version:	v100r001c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v100r001c30	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	te50	scope:	eq	version:	v600r006c00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	te30	scope:	eq	version:	v600r006c00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	svn5600	scope:	eq	version:	v200r003c00	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	svn5800-c	scope:	eq	version:	v200r003c10	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	dp300	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	svn5800-c	scope:	eq	version:	v200r003c00	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	te60	scope:	eq	version:	v100r001c01	Trust: 1.0
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v100r001c20	Trust: 1.0
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	te40	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v600r006c00t	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v100r001c20	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c15	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	rse6500	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v600r006c00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	max presence	scope:	eq	version:	v100r001c00	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c12	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	rp200	scope:	eq	version:	v500r002c00spc200	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r006c16pwe	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v100r001c20	Trust: 1.0
vendor:	huawei	model:	usg9500	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v500r002c10	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c17	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v100r001c20	Trust: 1.0
vendor:	huawei	model:	nip6300	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	te30	scope:	eq	version:	v100r001c10	Trust: 1.0
vendor:	huawei	model:	rp200	scope:	eq	version:	v600r006c00	Trust: 1.0
vendor:	huawei	model:	te60	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ngfw module	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v100r001c10	Trust: 1.0
vendor:	huawei	model:	ar150-s	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v100r001c10	Trust: 1.0
vendor:	huawei	model:	te50	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ips module	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r006c12	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	nip6800	scope:	eq	version:	v500r001c50	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c13	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c20	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	secospace usg6300	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	usg9500	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	secospace usg6500	scope:	eq	version:	v500r001c00	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	nip6600	scope:	eq	version:	v500r001c30	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	netengine16ex	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	te40	scope:	eq	version:	v600r006c00	Trust: 1.0
vendor:	huawei	model:	svn5800	scope:	eq	version:	v200r003c10	Trust: 1.0
vendor:	huawei	model:	tp3206	scope:	eq	version:	v100r002c00	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	dp300	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ips module	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	max presence	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ngfw module	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ips module v500r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v500r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6300 v500r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6600 v500r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9520 v300r001c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9560 v300r001c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9580 v300r001c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	dp300 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te60 v100r001c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te60 v100r001c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te60 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te60 v600r006c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	tp3106 v100r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	viewpoint v100r011c03	scope:	eq	version:	9030	Trust: 0.6
vendor:	huawei	model:	viewpoint v100r011c02	scope:	eq	version:	9030	Trust: 0.6
vendor:	huawei	model:	smc2.0 v100r003c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v600r006c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9520 v300r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	max presence v100r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	tp3206 v100r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	rp200 v600r006c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	rse6500 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te30 v100r001c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te30 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te30 v600r006c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te40 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te40 v600r006c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te50 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te50 v600r006c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r006c13	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150-s v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r006c12	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r006c16pwe	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r006c13	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r006c11	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c12	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c13	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c15	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c16	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c17	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	netengine16ex v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v100r005c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ips module v100r001c10spc200	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ips module v100r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ips module v100r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ips module v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ips module v500r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ips module v500r001c50	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v100r001c10spc200	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v100r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v100r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ngfw module v500r002c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6300 v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6300 v500r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6300 v500r001c50	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6600 v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6600 v500r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	nip6600 v500r001c50	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	rp200 v500r002c00spc200	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	svn5600 v200r003c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	svn5600 v200r003c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	svn5800-c v200r003c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	svn5800-c v200r003c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	svn5800 v200r003c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	svn5800 v200r003c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	semg9811 v300r001c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6300 v100r001c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6300 v100r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6300 v100r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6300 v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6300 v500r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6300 v500r001c50	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6500 v100r001c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6500 v100r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6500 v100r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6500 v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6500 v500r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	secospace usg6500 v500r001c50	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9500 v500r001c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9500 v500r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9500 v500r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9500 v500r001c50	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9520 v300r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9560 v300r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	usg9580 v300r001c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v500r002c00t	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v600r006c00t	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2017-35591 // JVNDB: JVNDB-2017-012502 // CNNVD: CNNVD-201711-1148 // NVD: CVE-2017-15331

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-15331
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2017-15331
value:	MEDIUM
Trust: 0.8
CNVD:	CNVD-2017-35591
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201711-1148
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-106143
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-15331
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-35591
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-106143
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-15331
baseSeverity:	MEDIUM
baseScore:	5.3
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	1.4
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-35591 // VULHUB: VHN-106143 // JVNDB: JVNDB-2017-012502 // CNNVD: CNNVD-201711-1148 // NVD: CVE-2017-15331

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.9

sources: VULHUB: VHN-106143 // JVNDB: JVNDB-2017-012502 // NVD: CVE-2017-15331

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-1148

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201711-1148

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-012502

PATCH

title:	huawei-sa-20171129-01-h323	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en	Trust: 0.8
title:	Patches for a variety of Huawei products H323 protocol out of bounds read vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/107343	Trust: 0.6
title:	Multiple Huawei Product Buffer Error Vulnerability Fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76803	Trust: 0.6

sources: CNVD: CNVD-2017-35591 // JVNDB: JVNDB-2017-012502 // CNNVD: CNNVD-201711-1148

EXTERNAL IDS

db:	NVD	id:	CVE-2017-15331	Trust: 3.1
db:	JVNDB	id:	JVNDB-2017-012502	Trust: 0.8
db:	CNNVD	id:	CNNVD-201711-1148	Trust: 0.7
db:	CNVD	id:	CNVD-2017-35591	Trust: 0.6
db:	VULHUB	id:	VHN-106143	Trust: 0.1

sources: CNVD: CNVD-2017-35591 // VULHUB: VHN-106143 // JVNDB: JVNDB-2017-012502 // CNNVD: CNNVD-201711-1148 // NVD: CVE-2017-15331

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-15331	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-15331	Trust: 0.8
url:	http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171129-01-h323-cn	Trust: 0.6

sources: CNVD: CNVD-2017-35591 // VULHUB: VHN-106143 // JVNDB: JVNDB-2017-012502 // CNNVD: CNNVD-201711-1148 // NVD: CVE-2017-15331

CREDITS

Huawei internal tester

Trust: 0.6

sources: CNNVD: CNNVD-201711-1148

SOURCES

db:	CNVD	id:	CNVD-2017-35591
db:	VULHUB	id:	VHN-106143
db:	JVNDB	id:	JVNDB-2017-012502
db:	CNNVD	id:	CNNVD-201711-1148
db:	NVD	id:	CVE-2017-15331

LAST UPDATE DATE

2024-11-23T22:12:40.382000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-35591	date:	2017-11-30T00:00:00
db:	VULHUB	id:	VHN-106143	date:	2018-03-01T00:00:00
db:	JVNDB	id:	JVNDB-2017-012502	date:	2018-03-16T00:00:00
db:	CNNVD	id:	CNNVD-201711-1148	date:	2017-11-30T00:00:00
db:	NVD	id:	CVE-2017-15331	date:	2024-11-21T03:14:28.733

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-35591	date:	2017-11-30T00:00:00
db:	VULHUB	id:	VHN-106143	date:	2018-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-012502	date:	2018-03-16T00:00:00
db:	CNNVD	id:	CNNVD-201711-1148	date:	2017-11-30T00:00:00
db:	NVD	id:	CVE-2017-15331	date:	2018-02-15T16:29:00.330