CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-8199
https://notcve.org/view.php?id=CVE-2017-8199
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot. MAX PRESENCE V100R001C00, TP3106 V100R002C00 y TP3206 V100R002C00 tiene una vulnerabilidad de lectura fuera de límites en el protocolo H323. Un atacante podría iniciar sesión en el sistema como un usuario y enviar paquetes manipulados a los productos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-h323-en http://www.securityfocus.com/bid/101951 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2017-8201
https://notcve.org/view.php?id=CVE-2017-8201
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an a memory leak vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit could cause a memory leak and eventual denial of service (DoS) condition. MAX PRESENCE V100R001C00, TP3106 V100R002C00 y TP3206 V100R002C00 tiene una vulnerabilidad de fuga de memoria en el protocolo H323. Un atacante podría iniciar sesión en el sistema como un usuario y enviar paquetes manipulados a los productos afectados. • http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170927-01-h323-en http://www.securityfocus.com/bid/101952 • CWE-772: Missing Release of Resource after Effective Lifetime •