Sign-up

ID

VAR-201803-1329


CVE

CVE-2017-17141


TITLE

plural Huawei Resource management vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2017-012890

DESCRIPTION

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. So successful exploit will result in memory leak of the affected products. plural Huawei The product contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. HuaweiS12700 is an intelligent routing switch of China Huawei. The following products and versions are affected: Huawei S12700 V200R005C00 Version, V200R006C00 Version, V200R007C00 Version, V200R007C01 Version, V200R007C20 Version, V200R008C00 Version, V200R009C00 Version; S1700 V200R006C10 Version, V200R009C00 Version; S2700 V100R006C03 Version, V200R003C00 Version, V200R005C00 Version, V200R006C00 Version, V200R006C10 Version, V200R007C00 Version, V200R007C00B050 Version, V200R007C00SPC009T Version, V200R007C00SPC019T Version, V200R008C00 Version, V200R009C00 Version; S3700 V100R006C03 Version; S5700 V200R001C00 Version, V200R001C01 Version, V200R002C00 Version, V200R003C00 Version, V200R003C02 Version, V200R005C00 Version, V200R005C01 Version, V200R005C02 Version, V200R005C03 Version, V200R006C00 Version, V200R007C00 Version, V200R008C00 Version, V200R009C00 Version; S6700 V200R001C00 Version, V200R001C01 Version, V200R002C00 Version, V200R003C00 Version, V200R005C00 Version, V200R005C01 Version, V200R005C02 Version, V200R008C00 Version, V200R009C00 Version; S7700

Trust: 2.25

sources: NVD: CVE-2017-17141 // JVNDB: JVNDB-2017-012890 // CNVD: CNVD-2018-07349 // VULHUB: VHN-108134

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-07349

AFFECTED PRODUCTS

vendor:huaweimodel:s6700scope:eqversion:v200r003c00

Trust: 1.6

vendor:huaweimodel:s7700scope:eqversion:v200r002c00

Trust: 1.6

vendor:huaweimodel:s6700scope:eqversion:v200r009c00

Trust: 1.6

vendor:huaweimodel:s6700scope:eqversion:v200r001c00

Trust: 1.6

vendor:huaweimodel:s6700scope:eqversion:v200r001c01

Trust: 1.6

vendor:huaweimodel:s6700scope:eqversion:v200r002c00

Trust: 1.6

vendor:huaweimodel:s7700scope:eqversion:v200r001c00

Trust: 1.6

vendor:huaweimodel:s6700scope:eqversion:v200r005c00

Trust: 1.6

vendor:huaweimodel:s7700scope:eqversion:v200r001c01

Trust: 1.6

vendor:huaweimodel:s5700scope:eqversion:v200r009c00

Trust: 1.6

vendor:huaweimodel:s2700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r002c00

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r006c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r007c00spc009t

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v100r006c03

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r001c01

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r002c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r006c01

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r006c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r005c01

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r001c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r006c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r005c01

Trust: 1.0

vendor:huaweimodel:s1700scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r007c20

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s1700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r006c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r005c02

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s3700scope:eqversion:v100r006c03

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s6700scope:eqversion:v200r005c02

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r006c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r003c02

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r008c06

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r001c00

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r009c00

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:s9700scope:eqversion:v200r003c00

Trust: 1.0

vendor:huaweimodel:s12700scope:eqversion:v200r005c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r005c03

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r007c00spc019t

Trust: 1.0

vendor:huaweimodel:s2700scope:eqversion:v200r007c00b050

Trust: 1.0

vendor:huaweimodel:s7700scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:s5700scope:eqversion:v200r001c01

Trust: 1.0

vendor:huaweimodel:s12700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s1700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s2700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s3700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s6700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s7700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s9700scope: - version: -

Trust: 0.8

vendor:huaweimodel:s5700 v200r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r006c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r001c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r005c03scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v100r006c03scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r006c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r003c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r006c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r003c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r006c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r006c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r007c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:s1700 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s1700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r009c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r005c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s5700 v200r005c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r005c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s6700 v200r005c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s12700 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r006c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s7700 v200r008c06scope: - version: -

Trust: 0.6

vendor:huaweimodel:s9700 v200r001c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r007c00b050scope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r007c00spc009tscope: - version: -

Trust: 0.6

vendor:huaweimodel:s2700 v200r007c00spc019tscope: - version: -

Trust: 0.6

vendor:huaweimodel:s3700 v100r006c03scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2018-07349 // JVNDB: JVNDB-2017-012890 // CNNVD: CNNVD-201712-302 // NVD: CVE-2017-17141

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-17141
value: LOW

Trust: 1.0

NVD: CVE-2017-17141
value: LOW

Trust: 0.8

CNVD: CNVD-2018-07349
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201712-302
value: LOW

Trust: 0.6

VULHUB: VHN-108134
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-17141
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2018-07349
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-108134
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-17141
baseSeverity: LOW
baseScore: 3.7
vectorString: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 2.2
impactScore: 1.4
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2018-07349 // VULHUB: VHN-108134 // JVNDB: JVNDB-2017-012890 // CNNVD: CNNVD-201712-302 // NVD: CVE-2017-17141

PROBLEMTYPE DATA

problemtype:CWE-772

Trust: 1.1

problemtype:CWE-399

Trust: 0.9

sources: VULHUB: VHN-108134 // JVNDB: JVNDB-2017-012890 // NVD: CVE-2017-17141

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201712-302

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201712-302

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-012890

PATCH
title:huawei-sa-20171206-01-mplsurl:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-mpls-en
Trust: 0.8
title:Patch of several Huawei product memory leak vulnerabilities (CNVD-2018-07349)url:https://www.cnvd.org.cn/patchInfo/show/125245
Trust: 0.6
title:Multiple Huawei Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100236
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2018-07349 // 
            
            
            
            JVNDB: JVNDB-2017-012890 // 
            
            
            
            CNNVD: CNNVD-201712-302

EXTERNAL IDS
db:NVDid:CVE-2017-17141
Trust: 3.1
db:JVNDBid:JVNDB-2017-012890
Trust: 0.8
db:CNNVDid:CNNVD-201712-302
Trust: 0.7
db:CNVDid:CNVD-2018-07349
Trust: 0.6
db:VULHUBid:VHN-108134
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-07349 // 
            
            
            
            VULHUB: VHN-108134 // 
            
            
            
            JVNDB: JVNDB-2017-012890 // 
            
            
            
            CNNVD: CNNVD-201712-302 // 
            
            
            
            NVD: CVE-2017-17141

REFERENCES
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-mpls-en
Trust: 2.3
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17141
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-17141
Trust: 0.8
sources:
            
            
            CNVD: CNVD-2018-07349 // 
            
            
            
            VULHUB: VHN-108134 // 
            
            
            
            JVNDB: JVNDB-2017-012890 // 
            
            
            
            CNNVD: CNNVD-201712-302 // 
            
            
            
            NVD: CVE-2017-17141

SOURCES
db:CNVDid:CNVD-2018-07349
db:VULHUBid:VHN-108134
db:JVNDBid:JVNDB-2017-012890
db:CNNVDid:CNNVD-201712-302
db:NVDid:CVE-2017-17141

LAST UPDATE DATE
2024-11-23T22:38:15.575000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-07349date:2018-04-10T00:00:00
db:VULHUBid:VHN-108134date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2017-012890date:2018-04-26T00:00:00
db:CNNVDid:CNNVD-201712-302date:2019-10-23T00:00:00
db:NVDid:CVE-2017-17141date:2024-11-21T03:17:34.063

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-07349date:2018-04-10T00:00:00
db:VULHUBid:VHN-108134date:2018-03-05T00:00:00
db:JVNDBid:JVNDB-2017-012890date:2018-04-26T00:00:00
db:CNNVDid:CNNVD-201712-302date:2017-12-07T00:00:00
db:NVDid:CVE-2017-17141date:2018-03-05T19:29:00.737