CVE-2017-17162

Опубликовано: 15 фев. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

Huawei Secospace USG6600 V500R001C30SPC100, Secospace USG6600 V500R001C30SPC200, Secospace USG6600 V500R001C30SPC300, USG9500 V500R001C30SPC100, USG9500 V500R001C30SPC200, USG9500 V500R001C30SPC300 have a memory leak vulnerability due to memory don't be released when an local authenticated attacker execute special commands many times. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

Ссылки

http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-02-firewall-en
Vendor Advisory
http://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171213-02-firewall-en
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc100:*:*:*:*:*:*:*

cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc300:*:*:*:*:*:*:*

cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc100:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc200:*:*:*:*:*:*:*

cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc300:*:*:*:*:*:*:*

cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.00021

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-772

Связанные уязвимости

GHSA-g5jm-qrqq-cw8j