Vulnerability Details : CVE-2017-15317
AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart.
Products affected by CVE-2017-15317
- cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r008c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r008c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar3200_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r006c16:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150-s_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150-s_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r007c01:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar160_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200-s_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar200-s_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg1300_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg1300_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg2300_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg2300_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg3300_firmware:v200r008c20:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg3300_firmware:v200r008c30:*:*:*:*:*:*:*
- cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-15317
0.15%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 32 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-15317
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2017-15317
-
The product reads data past the end, or before the beginning, of the intended buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-15317
-
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en
Security Advisory - Input Validation Vulnerability in Multiple Huawei ProductsVendor Advisory
Jump to