Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-15314

Опубликовано: 09 мар. 2018
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:huawei:rp200_firmware:v500r002c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

Одно из

cpe:2.3:o:huawei:te30_firmware:v100r001c10spc300:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v100r001c10spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v100r001c10spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v100r001c10spc700:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00spc200:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00spc500:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00spc700:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00spc900:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v500r002c00spcb00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

Одно из

cpe:2.3:o:huawei:te40_firmware:v500r002c00spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te40_firmware:v500r002c00spc700:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te40_firmware:v500r002c00spc900:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te40_firmware:v500r002c00spcb00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

Одно из

cpe:2.3:o:huawei:te50_firmware:v500r002c00spc600:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te50_firmware:v500r002c00spc700:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te50_firmware:v500r002c00spcb00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

Одно из

cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*
cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*
cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%
0.00024
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-772

Связанные уязвимости

github логотип

GHSA-h442-vmwr-rcjg

CVSS3: 5.5
github
больше 3 лет назад

Huawei DP300 V500R002C00, RP200 V500R002C00SPC200, V600R006C00, TE30 V100R001C10SPC300, V100R001C10SPC500, V100R001C10SPC600, V100R001C10SPC700, V500R002C00SPC200, V500R002C00SPC500, V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE40 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPC900, V500R002C00SPCb00, V600R006C00, TE50 V500R002C00SPC600, V500R002C00SPC700, V500R002C00SPCb00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a memory leak vulnerability due to memory don't be released when the XML parser process some node fail. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

EPSS

Процентиль: 6%
0.00024
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-772