CVE-2017-15317

AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30; AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30; AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30; AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30; AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30; SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30; SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an input validation vulnerability in Huawei multiple products. Due to the insufficient input validation, an unauthenticated, remote attacker may craft a malformed Stream Control Transmission Protocol (SCTP) packet and send it to the device, causing the device to read out of bounds and restart.

Published: Dec 22, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-15317
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

CWEs:

CWE-125

Affected Software
References

Software	From	Fixed in
huawei / ar120-s_firmware	200r006c10	200r006c10.x
huawei / ar120-s_firmware	200r007c00	200r007c00.x
huawei / ar120-s_firmware	200r008c20	200r008c20.x
huawei / ar120-s_firmware	200r008c30	200r008c30.x
huawei / ar1200_firmware	200r006c10	200r006c10.x
huawei / ar1200_firmware	200r006c13	200r006c13.x
huawei / ar1200_firmware	200r007c00	200r007c00.x
huawei / ar1200_firmware	200r007c01	200r007c01.x
huawei / ar1200_firmware	200r007c02	200r007c02.x
huawei / ar1200_firmware	200r008c20	200r008c20.x
huawei / ar1200_firmware	200r008c30	200r008c30.x
huawei / ar1200-s_firmware	200r006c10	200r006c10.x
huawei / ar1200-s_firmware	200r007c00	200r007c00.x
huawei / ar1200-s_firmware	200r008c20	200r008c20.x
huawei / ar1200-s_firmware	200r008c30	200r008c30.x
huawei / ar150_firmware	200r006c10	200r006c10.x
huawei / ar150_firmware	200r007c00	200r007c00.x
huawei / ar150_firmware	200r007c01	200r007c01.x
huawei / ar150_firmware	200r007c02	200r007c02.x
huawei / ar150_firmware	200r008c20	200r008c20.x
huawei / ar150_firmware	200r008c30	200r008c30.x
huawei / ar150-s_firmware	200r006c10	200r006c10.x
huawei / ar150-s_firmware	200r007c00	200r007c00.x
huawei / ar150-s_firmware	200r008c20	200r008c20.x
huawei / ar150-s_firmware	200r008c30	200r008c30.x
huawei / ar160_firmware	200r006c10	200r006c10.x
huawei / ar160_firmware	200r006c12	200r006c12.x
huawei / ar160_firmware	200r007c00	200r007c00.x
huawei / ar160_firmware	200r007c01	200r007c01.x
huawei / ar160_firmware	200r007c02	200r007c02.x
huawei / ar160_firmware	200r008c20	200r008c20.x
huawei / ar160_firmware	200r008c30	200r008c30.x
huawei / ar200_firmware	200r006c10	200r006c10.x
huawei / ar200_firmware	200r007c00	200r007c00.x
huawei / ar200_firmware	200r007c01	200r007c01.x
huawei / ar200_firmware	200r008c20	200r008c20.x
huawei / ar200_firmware	200r008c30	200r008c30.x
huawei / ar200-s_firmware	200r006c10	200r006c10.x
huawei / ar200-s_firmware	200r007c00	200r007c00.x
huawei / ar200-s_firmware	200r008c20	200r008c20.x
huawei / ar200-s_firmware	200r008c30	200r008c30.x
huawei / ar2200_firmware	200r006c10	200r006c10.x
huawei / ar2200_firmware	200r006c13	200r006c13.x
huawei / ar2200_firmware	200r006c16	200r006c16.x
huawei / ar2200_firmware	200r007c00	200r007c00.x
huawei / ar2200_firmware	200r007c01	200r007c01.x
huawei / ar2200_firmware	200r007c02	200r007c02.x
huawei / ar2200_firmware	200r008c20	200r008c20.x
huawei / ar2200_firmware	200r008c30	200r008c30.x
huawei / ar2200-s_firmware	200r006c10	200r006c10.x
huawei / ar2200-s_firmware	200r007c00	200r007c00.x
huawei / ar2200-s_firmware	200r008c20	200r008c20.x
huawei / ar2200-s_firmware	200r008c30	200r008c30.x
huawei / ar3200_firmware	200r006c10	200r006c10.x
huawei / ar3200_firmware	200r006c11	200r006c11.x
huawei / ar3200_firmware	200r007c00	200r007c00.x
huawei / ar3200_firmware	200r007c01	200r007c01.x
huawei / ar3200_firmware	200r007c02	200r007c02.x
huawei / ar3200_firmware	200r008c00	200r008c00.x
huawei / ar3200_firmware	200r008c10	200r008c10.x
huawei / ar3200_firmware	200r008c20	200r008c20.x
huawei / ar3200_firmware	200r008c30	200r008c30.x
huawei / ar510_firmware	200r006c10	200r006c10.x
huawei / ar510_firmware	200r006c12	200r006c12.x
huawei / ar510_firmware	200r006c13	200r006c13.x
huawei / ar510_firmware	200r006c15	200r006c15.x
huawei / ar510_firmware	200r006c16	200r006c16.x
huawei / ar510_firmware	200r006c17	200r006c17.x
huawei / ar510_firmware	200r007c00	200r007c00.x
huawei / ar510_firmware	200r008c20	200r008c20.x
huawei / ar510_firmware	200r008c30	200r008c30.x
huawei / srg1300_firmware	200r006c10	200r006c10.x
huawei / srg1300_firmware	200r007c00	200r007c00.x
huawei / srg1300_firmware	200r007c02	200r007c02.x
huawei / srg1300_firmware	200r008c20	200r008c20.x
huawei / srg1300_firmware	200r008c30	200r008c30.x
huawei / srg2300_firmware	200r006c10	200r006c10.x
huawei / srg2300_firmware	200r007c00	200r007c00.x
huawei / srg2300_firmware	200r007c02	200r007c02.x
huawei / srg2300_firmware	200r008c20	200r008c20.x
huawei / srg2300_firmware	200r008c30	200r008c30.x
huawei / srg3300_firmware	200r006c10	200r006c10.x
huawei / srg3300_firmware	200r007c00	200r007c00.x
huawei / srg3300_firmware	200r008c20	200r008c20.x
huawei / srg3300_firmware	200r008c30	200r008c30.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-sctp-en

Vulnerability Database

289,599

CVE-2017-15317