| |
Vulnerability CVE-2017-17147
Published: 2018-03-09
| Description: |
Huawei DP300 V500R002C00 have an integer overflow vulnerability due to the lack of validation. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks. |
Type:
CWE-190 (Integer Overflow or Wraparound)
CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.9/10 |
6.9/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
None |
Complete |
References: |
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-xml-en
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
