// For flags

CVE-2017-8199

 

Severity Score

6.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the system as a user and send crafted packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause process reboot.

MAX PRESENCE V100R001C00, TP3106 V100R002C00 y TP3206 V100R002C00 tiene una vulnerabilidad de lectura fuera de límites en el protocolo H323. Un atacante podría iniciar sesión en el sistema como un usuario y enviar paquetes manipulados a los productos afectados. Dada la verificación insuficiente de los paquetes, una explotación exitosa haría que el proceso se reinicie.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-04-25 CVE Reserved
  • 2017-11-22 CVE Published
  • 2023-10-02 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Huawei
Search vendor "Huawei"
Max Presence Firmware
Search vendor "Huawei" for product "Max Presence Firmware"
v100r001c00
Search vendor "Huawei" for product "Max Presence Firmware" and version "v100r001c00"
-
Affected
in Huawei
Search vendor "Huawei"
Max Presence
Search vendor "Huawei" for product "Max Presence"
--
Safe
Huawei
Search vendor "Huawei"
Tp3106 Firmware
Search vendor "Huawei" for product "Tp3106 Firmware"
v100r002c00
Search vendor "Huawei" for product "Tp3106 Firmware" and version "v100r002c00"
-
Affected
in Huawei
Search vendor "Huawei"
Tp3106
Search vendor "Huawei" for product "Tp3106"
--
Safe
Huawei
Search vendor "Huawei"
Tp3206 Firmware
Search vendor "Huawei" for product "Tp3206 Firmware"
v100r002c00
Search vendor "Huawei" for product "Tp3206 Firmware" and version "v100r002c00"
-
Affected
in Huawei
Search vendor "Huawei"
Tp3206
Search vendor "Huawei" for product "Tp3206"
--
Safe