CVE-2017-17329
Severity Score
3.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Huawei ViewPoint 8660 V100R008C03 have a memory leak vulnerability. The software does not release allocated memory properly when parse XML Schema data. An authenticated attacker could upload a crafted XML file, successful exploit could cause the system service abnormal since run out of memory.
Huawei ViewPoint 8660 V100R008C03 tiene una vulnerabilidad de filtrado de memoria. El software no libera la memoria asignada correctamente al analizar los datos XML Schema. Un atacante autenticado podría subir un archivo XML manipulado, por lo que la explotación exitosa de esta vulnerabilidad podría provocar que los servicios del sistema funcionen de manera incorrecta, ya que se quedarían sin memoria.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-12-04 CVE Reserved
- 2018-03-09 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-772: Missing Release of Resource after Effective Lifetime
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-03-xml-en | 2019-10-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Huawei Search vendor "Huawei" | Viewpoint 8660 Firmware Search vendor "Huawei" for product "Viewpoint 8660 Firmware" | v100r008c03 Search vendor "Huawei" for product "Viewpoint 8660 Firmware" and version "v100r008c03" | - |
Affected
| in | Huawei Search vendor "Huawei" | Viewpoint 8660 Search vendor "Huawei" for product "Viewpoint 8660" | - | - |
Safe
|