ID

VAR-201803-0193

CVE

CVE-2017-17303

TITLE

Huawei DP300 Vulnerable to information disclosure

DESCRIPTION

Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure. Huawei DP300 and other products are all products of China Huawei. The DP300 is a video conferencing terminal. The RP200 is a video conferencing machine. CIDAM is one of the information transmission protocols. The following products and versions are affected: Huawei DP300 V500R002C00 Version, V500R002C00B010 Version, V500R002C00B011 Version, V500R002C00B012 Version, V500R002C00B013 Version, V500R002C00B014 Version, V500R002C00B017 Version, V500R002C00B018 Version, V500R002C00SPC100 Version, V500R002C00SPC200 Version, V500R002C00SPC300 Version, V500R002C00SPC400 Version, V500R002C00SPC500 Version, V500R002C00SPC600 Version, V500R002C00SPC800 Version, V500R002C00SPC900 Version, V500R002C00SPCa00 Version; RP200 V500R002C00SPC200 Version, V600R006C00 Version, V600R006C00SPC200 Version, V600R006C00SPC300 Version; TE30 V100R001C10SPC300 Version, V100R001C10SPC500 Version, V100R001C10SPC600 version, etc.; TE40 V500R002C00SPC600 Version, V500R002C00SPC700 Version, V500R002C00SPC900 version, etc.; TE50 V500R002C00SPC600 Version, V500R002C00SPC700 Version, such as V500R002C00SPCb00; TE60 version V100R001C10, version V100R001C10B001, etc

IOT TAXONOMY

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

information disclosure

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Huawei internal tester

SOURCES

LAST UPDATE DATE

2024-11-23T22:00:40.417000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE