CVE-2017-15346 Information

Description

XML parser in Huawei S12700 V200R005C00S1700 V200R009C00 V200R010C00S3700 V100R006C03 V100R006C05S5700 V200R001C00 V200R002C00 V200R003C00 V200R003C02 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 V200R010C00S6700 V200R001C00 V200R002C00 V200R003C00 V200R005C00 V200R005C02 V200R008C00 V200R009C00 V200R010C00S7700 V200R001C00 V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 V200R010C00S9700 V200R001C00 V200R002C00 V200R003C00 V200R005C00 V200R006C00 V200R007C00 V200R008C00 V200R009C00 V200R010C00eCNS210_TD V100R004C10 V100R004C10SPC003 V100R004C10SPC100 V100R004C10SPC101 V100R004C10SPC102 V100R004C10SPC200 V100R004C10SPC221 V100R004C10SPC400 has a DOS vulnerability. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file successful exploit will result in DOS attacks.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-xml-en

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

4.7