Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2017-15317

Disclosure Date: December 22, 2017 •

CVE-2017-15317

Description

AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

AR120-S V200R006C10

AR120-S V200R007C00

AR120-S V200R008C20

AR120-S V200R008C30

AR1200 V200R006C10

AR1200 V200R006C13

AR1200 V200R007C00

AR1200 V200R007C01

AR1200 V200R007C02

AR1200 V200R008C20

AR1200 V200R008C30

AR1200-S V200R006C10

AR1200-S V200R007C00

AR1200-S V200R008C20

AR1200-S V200R008C30

AR150 V200R006C10

AR150 V200R007C00

AR150 V200R007C01

AR150 V200R007C02

AR150 V200R008C20

AR150 V200R008C30

AR150-S V200R006C10

AR150-S V200R007C00

AR150-S V200R008C20

AR150-S V200R008C30

AR160 V200R006C10

AR160 V200R006C12

AR160 V200R007C00

AR160 V200R007C01

AR160 V200R007C02

AR160 V200R008C20

AR160 V200R008C30

AR200 V200R006C10

AR200 V200R007C00

AR200 V200R007C01

AR200 V200R008C20

AR200 V200R008C30

AR200-S V200R006C10

AR200-S V200R007C00

AR200-S V200R008C20

AR200-S V200R008C30

AR2200 V200R006C10

AR2200 V200R006C13

AR2200 V200R006C16

AR2200 V200R007C00

AR2200 V200R007C01

AR2200 V200R007C02

AR2200 V200R008C20

AR2200 V200R008C30

AR2200-S V200R006C10

AR2200-S V200R007C00

AR2200-S V200R008C20

AR2200-S V200R008C30

AR3200 V200R006C10

AR3200 V200R006C11

AR3200 V200R007C00

AR3200 V200R007C01

AR3200 V200R007C02

AR3200 V200R008C00

AR3200 V200R008C10

AR3200 V200R008C20

AR3200 V200R008C30

AR510 V200R006C10

AR510 V200R006C12

AR510 V200R006C13

AR510 V200R006C15

AR510 V200R006C16

AR510 V200R006C17

AR510 V200R007C00

AR510 V200R008C20

AR510 V200R008C30

SRG1300 V200R006C10

SRG1300 V200R007C00

SRG1300 V200R007C02

SRG1300 V200R008C20

SRG1300 V200R008C30

SRG2300 V200R006C10

SRG2300 V200R007C00

SRG2300 V200R007C02

SRG2300 V200R008C20

SRG2300 V200R008C30

SRG3300 V200R006C10

SRG3300 V200R007C00

SRG3300 V200R008C20

SRG3300 V200R008C30

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

huawei

Products

References

Canonical

CVE-2017-15317 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15317)

Advisory

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en

Rapid7

Unknown

CVE-2017-15317

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2017-15317

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2017-15317

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2017-15317

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification