CVE-2017-15348

Published: Feb 15, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker could send specific MPLS Echo Request messages to the target products. Due to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.

Vendor	Product	Versions
Huawei Technologies Co., Ltd.	IPS Module,NGFW Module,NIP6300,NIP6600,Secospace USG6300,Secospace USG6500,Secospace USG6600,USG9500,	affected `IPS Module V500R001C00,NGFW Module V500R001C00,NIP6300 V500R001C00,NIP6600 V500R001C00,Secospace USG6300 V500R001C00,Secospace USG6500 V500R001C00,Secospace USG6600 V500R001C00,USG9500 V500R001C00,`

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-routers-en

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-15348

Description

Affected Products

References