CVE-2017-15349
Severity Score
7.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets, successful exploit will result in memory leak of the affected products and lead to a DoS condition.
Huawei CloudEngine 12800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 5800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 6800 V100R003C00, V100R005C00, V100R005C10, V100R006C00,CloudEngine 7800 V100R003C00, V100R005C00, V100R005C10 y V100R006C00 tienen una vulnerabilidad de fuga de memoria. Un atacante no autenticado podría enviar paquetes RSVP (Resource ReServation Protocol) a los productos afectados. Dado que no se libera la memoria para gestionar los paquetes, una explotación con éxito resultará en la fuga de memoria de los productos afectados y en una condición de denegación de servicio.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-10-14 CVE Reserved
- 2018-02-15 CVE Published
- 2023-12-26 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Cloudengine 12800 Firmware Search vendor "Huawei" for product "Cloudengine 12800 Firmware" | v100r003c00 Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 12800 Search vendor "Huawei" for product "Cloudengine 12800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 12800 Firmware Search vendor "Huawei" for product "Cloudengine 12800 Firmware" | v100r005c00 Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 12800 Search vendor "Huawei" for product "Cloudengine 12800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 12800 Firmware Search vendor "Huawei" for product "Cloudengine 12800 Firmware" | v100r005c10 Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v100r005c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 12800 Search vendor "Huawei" for product "Cloudengine 12800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 12800 Firmware Search vendor "Huawei" for product "Cloudengine 12800 Firmware" | v100r006c00 Search vendor "Huawei" for product "Cloudengine 12800 Firmware" and version "v100r006c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 12800 Search vendor "Huawei" for product "Cloudengine 12800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 5800 Firmware Search vendor "Huawei" for product "Cloudengine 5800 Firmware" | v100r003c00 Search vendor "Huawei" for product "Cloudengine 5800 Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 5800 Search vendor "Huawei" for product "Cloudengine 5800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 5800 Firmware Search vendor "Huawei" for product "Cloudengine 5800 Firmware" | v100r005c00 Search vendor "Huawei" for product "Cloudengine 5800 Firmware" and version "v100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 5800 Search vendor "Huawei" for product "Cloudengine 5800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 5800 Firmware Search vendor "Huawei" for product "Cloudengine 5800 Firmware" | v100r005c10 Search vendor "Huawei" for product "Cloudengine 5800 Firmware" and version "v100r005c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 5800 Search vendor "Huawei" for product "Cloudengine 5800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 5800 Firmware Search vendor "Huawei" for product "Cloudengine 5800 Firmware" | v100r006c00 Search vendor "Huawei" for product "Cloudengine 5800 Firmware" and version "v100r006c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 5800 Search vendor "Huawei" for product "Cloudengine 5800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 6800 Firmware Search vendor "Huawei" for product "Cloudengine 6800 Firmware" | v100r003c00 Search vendor "Huawei" for product "Cloudengine 6800 Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 6800 Search vendor "Huawei" for product "Cloudengine 6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 6800 Firmware Search vendor "Huawei" for product "Cloudengine 6800 Firmware" | v100r005c00 Search vendor "Huawei" for product "Cloudengine 6800 Firmware" and version "v100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 6800 Search vendor "Huawei" for product "Cloudengine 6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 6800 Firmware Search vendor "Huawei" for product "Cloudengine 6800 Firmware" | v100r005c10 Search vendor "Huawei" for product "Cloudengine 6800 Firmware" and version "v100r005c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 6800 Search vendor "Huawei" for product "Cloudengine 6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 6800 Firmware Search vendor "Huawei" for product "Cloudengine 6800 Firmware" | v100r006c00 Search vendor "Huawei" for product "Cloudengine 6800 Firmware" and version "v100r006c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 6800 Search vendor "Huawei" for product "Cloudengine 6800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 7800 Firmware Search vendor "Huawei" for product "Cloudengine 7800 Firmware" | v100r003c00 Search vendor "Huawei" for product "Cloudengine 7800 Firmware" and version "v100r003c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 7800 Search vendor "Huawei" for product "Cloudengine 7800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 7800 Firmware Search vendor "Huawei" for product "Cloudengine 7800 Firmware" | v100r005c00 Search vendor "Huawei" for product "Cloudengine 7800 Firmware" and version "v100r005c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 7800 Search vendor "Huawei" for product "Cloudengine 7800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 7800 Firmware Search vendor "Huawei" for product "Cloudengine 7800 Firmware" | v100r005c10 Search vendor "Huawei" for product "Cloudengine 7800 Firmware" and version "v100r005c10" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 7800 Search vendor "Huawei" for product "Cloudengine 7800" | - | - |
Safe
|
| Huawei Search vendor "Huawei" | Cloudengine 7800 Firmware Search vendor "Huawei" for product "Cloudengine 7800 Firmware" | v100r006c00 Search vendor "Huawei" for product "Cloudengine 7800 Firmware" and version "v100r006c00" | - |
Affected
| in | Huawei Search vendor "Huawei" | Cloudengine 7800 Search vendor "Huawei" for product "Cloudengine 7800" | - | - |
Safe
|