Huawei : Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Network Products (huawei-sa-20171129-01-command)

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.143970

Categoría: Huawei

Título: Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Network Products (huawei-sa-20171129-01-command)

Resumen: Patch module of some Huawei products have a memory leak vulnerability.

Descripción: Summary:
Patch module of some Huawei products have a memory leak vulnerability.

Vulnerability Insight:
Patch module of some Huawei products have a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally. (Vulnerability ID: HWPSIRT-2016-08051)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15315.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references.

Vulnerability Impact:
An successful exploit could cause the device to reset.

Affected Software/OS:
NIP6300 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE

NIP6600 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE

Secospace USG6300 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE

Secospace USG6500 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE

Secospace USG6600 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC101T V500R001C20SPC101TB001 V500R001C20SPC200 V500R001C20SPC200PWE

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2017-15315

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.143970
Categoría:	Huawei
Título:	Huawei Data Communication: Memory Leak Vulnerability in Some Huawei Network Products (huawei-sa-20171129-01-command)
Resumen:	Patch module of some Huawei products have a memory leak vulnerability.
Descripción:	Summary: Patch module of some Huawei products have a memory leak vulnerability. Vulnerability Insight: Patch module of some Huawei products have a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally. (Vulnerability ID: HWPSIRT-2016-08051)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-15315.Huawei has released software updates to fix this vulnerability. This advisory is available in the linked references. Vulnerability Impact: An successful exploit could cause the device to reset. Affected Software/OS: NIP6300 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE NIP6600 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE Secospace USG6300 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE Secospace USG6500 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200PWE Secospace USG6600 versions V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC101T V500R001C20SPC101TB001 V500R001C20SPC200 V500R001C20SPC200PWE Solution: See the referenced vendor advisory for a solution. CVSS Score: 6.8 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-15315
Copyright	Copyright (C) 2020 Greenbone Networks GmbH