cvelistv5 - cve-2017-15349

cve-2017-15349

Vulnerability from cvelistv5

Published

2018-02-15 16:00

Modified

2024-08-05 19:50

Severity ?

Summary

References

▼	URL	Tags
	psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en	Vendor Advisory

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,	Version: CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T19:50:16.501Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00"
            }
          ]
        }
      ],
      "datePublic": "2017-12-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "memory leak",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-02-15T15:57:02",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-15349",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "memory leak"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-15349",
    "datePublished": "2018-02-15T16:00:00",
    "dateReserved": "2017-10-14T00:00:00",
    "dateUpdated": "2024-08-05T19:50:16.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-15349\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2018-02-15T16:29:01.203\",\"lastModified\":\"2024-11-21T03:14:31.227\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.\"},{\"lang\":\"es\",\"value\":\"Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10 y V100R006C00 tienen una vulnerabilidad de fuga de memoria. Un atacante no autenticado podr\u00eda enviar paquetes RSVP (Resource ReServation Protocol) a los productos afectados. Dado que no se libera la memoria para gestionar los paquetes, una explotaci\u00f3n con \u00e9xito resultar\u00e1 en la fuga de memoria de los productos afectados y en una condici\u00f3n de denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-772\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AEB5929-1526-4910-BE22-07FCDDA06D0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E58D7203-2EE3-412A-B39C-94D82B0BBB98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71EF4F82-092F-4D19-832B-A174F7D47477\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2DACA5-0AA6-419B-AC6A-8CC19326758E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE8A2875-0F7E-4790-A925-5999396B7578\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90200F0F-FF1A-42D9-A4EF-8DD5F6DB6BA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33B93684-6903-4A54-B631-15873D3D3744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DFDAAAC-0585-406F-B547-FB71C5352209\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"916288E9-1DAB-40BE-9C29-3E8603FC0F02\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8FD775C-F6B6-42B3-942E-EB4DC889B5F0\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C42246DF-E736-4D98-AF73-3F5B731485D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E31AD6C5-E687-47C9-8473-2486A6864128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40D8A10D-8B77-4F43-87A9-803ED9855AC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E574B02-F89A-4D5C-B462-3AF56F1C0A57\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19F2B3CC-12AD-466D-98F9-0C09C7C053CF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"374AD269-B0F4-4534-ABAC-D08343B2CE42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"828A6E23-962D-4A92-B14D-949B01489F35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B676B444-6128-4A04-B3E7-421F74FA9CD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF6985E0-9375-4DE2-A879-AAACF923381C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D05E858C-A3D8-4BF1-A750-CFD8C949ABF0\"}]}]}],\"references\":[{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2017-15349

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Aliases

CVE-2017-15349

Aliases

CVE-2017-15349

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-15349",
    "description": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.",
    "id": "GSD-2017-15349"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-15349"
      ],
      "details": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.",
      "id": "GSD-2017-15349",
      "modified": "2023-12-13T01:20:58.722303Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@huawei.com",
        "ID": "CVE-2017-15349",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Huawei Technologies Co., Ltd."
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "memory leak"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en",
            "refsource": "CONFIRM",
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-15349"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-772"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-03T00:03Z",
      "publishedDate": "2018-02-15T16:29Z"
    }
  }
}

fkie_cve-2017-15349

Vulnerability from fkie_nvd

Published

2018-02-15 16:29

Modified

2024-11-21 03:14

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

▼	URL	Tags
	psirt@huawei.com	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en	Vendor Advisory

Impacted products

Vendor	Product	Version
huawei	cloudengine_12800_firmware	v100r003c00
huawei	cloudengine_12800_firmware	v100r005c00
huawei	cloudengine_12800_firmware	v100r005c10
huawei	cloudengine_12800_firmware	v100r006c00
huawei	cloudengine_12800	-
huawei	cloudengine_5800_firmware	v100r003c00
huawei	cloudengine_5800_firmware	v100r005c00
huawei	cloudengine_5800_firmware	v100r005c10
huawei	cloudengine_5800_firmware	v100r006c00
huawei	cloudengine_5800	-
huawei	cloudengine_6800_firmware	v100r003c00
huawei	cloudengine_6800_firmware	v100r005c00
huawei	cloudengine_6800_firmware	v100r005c10
huawei	cloudengine_6800_firmware	v100r006c00
huawei	cloudengine_6800	-
huawei	cloudengine_7800_firmware	v100r003c00
huawei	cloudengine_7800_firmware	v100r005c00
huawei	cloudengine_7800_firmware	v100r005c10
huawei	cloudengine_7800_firmware	v100r006c00
huawei	cloudengine_7800	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AEB5929-1526-4910-BE22-07FCDDA06D0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "E58D7203-2EE3-412A-B39C-94D82B0BBB98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "71EF4F82-092F-4D19-832B-A174F7D47477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_12800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2DACA5-0AA6-419B-AC6A-8CC19326758E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_12800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE8A2875-0F7E-4790-A925-5999396B7578",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "90200F0F-FF1A-42D9-A4EF-8DD5F6DB6BA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B93684-6903-4A54-B631-15873D3D3744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFDAAAC-0585-406F-B547-FB71C5352209",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_5800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "916288E9-1DAB-40BE-9C29-3E8603FC0F02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8FD775C-F6B6-42B3-942E-EB4DC889B5F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "C42246DF-E736-4D98-AF73-3F5B731485D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "E31AD6C5-E687-47C9-8473-2486A6864128",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "40D8A10D-8B77-4F43-87A9-803ED9855AC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_6800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E574B02-F89A-4D5C-B462-3AF56F1C0A57",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_6800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19F2B3CC-12AD-466D-98F9-0C09C7C053CF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r003c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "374AD269-B0F4-4534-ABAC-D08343B2CE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "828A6E23-962D-4A92-B14D-949B01489F35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r005c10:*:*:*:*:*:*:*",
              "matchCriteriaId": "B676B444-6128-4A04-B3E7-421F74FA9CD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:huawei:cloudengine_7800_firmware:v100r006c00:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF6985E0-9375-4DE2-A879-AAACF923381C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:huawei:cloudengine_7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D05E858C-A3D8-4BF1-A750-CFD8C949ABF0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition."
    },
    {
      "lang": "es",
      "value": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10 y V100R006C00 tienen una vulnerabilidad de fuga de memoria. Un atacante no autenticado podr\u00eda enviar paquetes RSVP (Resource ReServation Protocol) a los productos afectados. Dado que no se libera la memoria para gestionar los paquetes, una explotaci\u00f3n con \u00e9xito resultar\u00e1 en la fuga de memoria de los productos afectados y en una condici\u00f3n de denegaci\u00f3n de servicio."
    }
  ],
  "id": "CVE-2017-15349",
  "lastModified": "2024-11-21T03:14:31.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-02-15T16:29:01.203",
  "references": [
    {
      "source": "psirt@huawei.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
    }
  ],
  "sourceIdentifier": "psirt@huawei.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-772"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-hqf3-w8jr-9qmr

Vulnerability from github

Published

2022-05-13 01:43

Modified

2022-05-13 01:43

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-15349"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-772"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-02-15T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.",
  "id": "GHSA-hqf3-w8jr-9qmr",
  "modified": "2022-05-13T01:43:45Z",
  "published": "2022-05-13T01:43:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15349"
    },
    {
      "type": "WEB",
      "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition. Huawei CloudEngine Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei CloudEngine12800 and other Huawei Huayun (Cloud) series of switch products. The vulnerability stems from the fact that the program does not release the memory for processing the message. The following products and versions are affected: Huawei CloudEngine 12800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version; CloudEngine 5800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version; CloudEngine 6800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version; CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, and V100R006C00

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201802-0530",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 6800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 7800",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "v100r005c10"
      },
      {
        "model": "cloudengine 12800",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "v100r006c00"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "v100r003c00"
      },
      {
        "model": "cloudengine 5800",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "huawei",
        "version": "v100r005c00"
      },
      {
        "model": "cloudengine v100r003c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "12800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r005c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r005c10",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r006c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "7800"
      },
      {
        "model": "cloudengine v100r003c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "5800"
      },
      {
        "model": "cloudengine v100r003c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "6800"
      },
      {
        "model": "cloudengine v100r003c00",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "huawei",
        "version": "7800"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:huawei:cloudengine_12800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:cloudengine_5800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:cloudengine_6800_firmware",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:huawei:cloudengine_7800_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei internal tester",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2017-15349",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-15349",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-38221",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-106162",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-15349",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-15349",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-15349",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-38221",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201712-062",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-106162",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition. Huawei CloudEngine Contains a resource management vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Huawei CloudEngine12800 and other Huawei Huayun (Cloud) series of switch products. The vulnerability stems from the fact that the program does not release the memory for processing the message. The following products and versions are affected: Huawei CloudEngine 12800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version; CloudEngine 5800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version; CloudEngine 6800 V100R003C00 Version, V100R005C00 Version, V100R005C10 Version, V100R006C00 Version;  CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, and V100R006C00",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-15349",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "id": "VAR-201802-0530",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      }
    ],
    "trust": 1.4907738099999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:53:23.232000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "huawei-sa-20171201-01-router",
        "trust": 0.8,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
      },
      {
        "title": "Patch of Huawei\u0027s various product memory leak vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/111811"
      },
      {
        "title": "Multiple Huawei Product security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76890"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-772",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-399",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-15349"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-15349"
      },
      {
        "trust": 0.6,
        "url": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171201-01-router-cn"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "date": "2018-02-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "date": "2018-03-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "date": "2017-12-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "date": "2018-02-15T16:29:01.203000",
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-12-27T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-38221"
      },
      {
        "date": "2019-10-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-106162"
      },
      {
        "date": "2018-03-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      },
      {
        "date": "2024-11-21T03:14:31.227000",
        "db": "NVD",
        "id": "CVE-2017-15349"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Huawei CloudEngine Resource management vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-012437"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201712-062"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2017-15349

Vulnerability from cvelistv5

gsd-2017-15349

Vulnerability from gsd

fkie_cve-2017-15349

Vulnerability from fkie_nvd

ghsa-hqf3-w8jr-9qmr

Vulnerability from github

var-201802-0530

Vulnerability from variot

Tags

Sightings

Nomenclature