CVE-2017-15349 Information

Feb 14, 2021 cve

Description

Huawei CloudEngine 12800 V100R003C00 V100R005C00 V100R005C10 V100R006C00CloudEngine 5800 V100R003C00 V100R005C00 V100R005C10 V100R006C00CloudEngine 6800 V100R003C00 V100R005C00 V100R005C10 V100R006C00CloudEngine 7800 V100R003C00 V100R005C00 V100R005C10 V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Resource ReServation Protocol (RSVP) packets to the affected products. Due to not release the memory to handle the packets successful exploit will result in memory leak of the affected products and lead to a DoS condition.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-router-en

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5

Share on: