CVSS: 7.5EPSS: 0%CPEs: 224EXPL: 0CVE-2017-17258
https://notcve.org/view.php?id=CVE-2017-17258
24 Apr 2018 — Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R00... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en • CWE-20: Improper Input Validation •
CVSS: 3.3EPSS: 0%CPEs: 15EXPL: 0CVE-2017-17330
https://notcve.org/view.php?id=CVE-2017-17330
09 Mar 2018 — Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; V200R007C01; V200R007C02; V200R008C00; V200R008C10; V200R008C20; V200R008C30; NGFW Module V500R001C00; V500R001C20; V500R002C00 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML element data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory. Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V20... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-04-xml-en • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.3EPSS: 0%CPEs: 210EXPL: 0CVE-2017-15331
https://notcve.org/view.php?id=CVE-2017-15331
15 Feb 2018 — Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 210EXPL: 0CVE-2017-15332
https://notcve.org/view.php?id=CVE-2017-15332
15 Feb 2018 — Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-h323-en • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-15343
https://notcve.org/view.php?id=CVE-2017-15343
15 Feb 2018 — Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot. Huawei AR3200 con software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20 ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-sctp-en • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2017-15344
https://notcve.org/view.php?id=CVE-2017-15344
15 Feb 2018 — Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot. Huawei AR3200 con software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R0... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-02-sctp-en • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.9EPSS: 0%CPEs: 454EXPL: 0CVE-2017-17151
https://notcve.org/view.php?id=CVE-2017-17151
15 Feb 2018 — Huawei AR100, AR100-S, AR110-S, AR120, AR120-S, AR1200, AR1200-S, AR150, AR150-S, AR160, AR200, AR200-S, AR2200, AR2200-S, AR3200, AR510, DP300, NetEngine16EX, RP200, SRG1300, SRG2300, SRG3300, TE30, TE40, TE50, TE60, TP3106, TP3206, ViewPoint 8660, and ViewPoint 9030 have an insufficient validation vulnerability. Since packet validation is insufficient, an unauthenticated attacker may send special H323 packets to exploit the vulnerability. Successful exploit could allow the attacker to send malicious packe... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-h323-en • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 68EXPL: 0CVE-2017-17160
https://notcve.org/view.php?id=CVE-2017-17160
15 Feb 2018 — Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ike-en • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 115EXPL: 0CVE-2017-17202
https://notcve.org/view.php?id=CVE-2017-17202
15 Feb 2018 — Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180131-01-sip-en • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 115EXPL: 0CVE-2017-17286
https://notcve.org/view.php?id=CVE-2017-17286
15 Feb 2018 — Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 ... • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180207-01-encryption-en • CWE-787: Out-of-bounds Write •