CVE-2017-15346

XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S6700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R005C02, V200R008C00, V200R009C00, V200R010C00,S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, V200R010C00,eCNS210_TD V100R004C10, V100R004C10SPC003, V100R004C10SPC100, V100R004C10SPC101, V100R004C10SPC102, V100R004C10SPC200, V100R004C10SPC221, V100R004C10SPC400 has a DOS vulnerability. An attacker may craft specific XML files to the affected products. Due to not check the specially XML file and to parse this file, successful exploit will result in DOS attacks.

Published: Feb 15, 2018
Updated: Apr 13, 2023
CVE: CVE-2017-15346
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.7
AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
huawei / s12700_firmware	200r005c00	200r005c00.x
huawei / s1700_firmware	200r009c00	200r009c00.x
huawei / s1700_firmware	200r010c00	200r010c00.x
huawei / s5700_firmware	200r001c00	200r001c00.x
huawei / s5700_firmware	200r002c00	200r002c00.x
huawei / s5700_firmware	200r003c00	200r003c00.x
huawei / s5700_firmware	200r003c02	200r003c02.x
huawei / s5700_firmware	200r005c00	200r005c00.x
huawei / s5700_firmware	200r006c00	200r006c00.x
huawei / s5700_firmware	200r007c00	200r007c00.x
huawei / s5700_firmware	200r008c00	200r008c00.x
huawei / s5700_firmware	200r009c00	200r009c00.x
huawei / s5700_firmware	200r010c00	200r010c00.x
huawei / s6700_firmware	200r001c00	200r001c00.x
huawei / s6700_firmware	200r002c00	200r002c00.x
huawei / s6700_firmware	200r003c00	200r003c00.x
huawei / s6700_firmware	200r005c00	200r005c00.x
huawei / s6700_firmware	200r005c02	200r005c02.x
huawei / s6700_firmware	200r008c00	200r008c00.x
huawei / s6700_firmware	200r009c00	200r009c00.x
huawei / s6700_firmware	200r010c00	200r010c00.x
huawei / s7700_firmware	200r001c00	200r001c00.x
huawei / s7700_firmware	200r002c00	200r002c00.x
huawei / s7700_firmware	200r003c00	200r003c00.x
huawei / s7700_firmware	200r005c00	200r005c00.x
huawei / s7700_firmware	200r006c00	200r006c00.x
huawei / s7700_firmware	200r007c00	200r007c00.x
huawei / s7700_firmware	200r008c00	200r008c00.x
huawei / s7700_firmware	200r009c00	200r009c00.x
huawei / s7700_firmware	200r010c00	200r010c00.x
huawei / s9700_firmware	200r001c00	200r001c00.x
huawei / s9700_firmware	200r002c00	200r002c00.x
huawei / s9700_firmware	200r003c00	200r003c00.x
huawei / s9700_firmware	200r005c00	200r005c00.x
huawei / s9700_firmware	200r006c00	200r006c00.x
huawei / s9700_firmware	200r007c00	200r007c00.x
huawei / s9700_firmware	200r008c00	200r008c00.x
huawei / s9700_firmware	200r009c00	200r009c00.x
huawei / s9700_firmware	200r010c00	200r010c00.x
huawei / ecns210_td_firmware	100r004c10	100r004c10.x
huawei / ecns210_td_firmware	100r004c10spc003	100r004c10spc003.x
huawei / ecns210_td_firmware	100r004c10spc100	100r004c10spc100.x
huawei / ecns210_td_firmware	100r004c10spc101	100r004c10spc101.x
huawei / ecns210_td_firmware	100r004c10spc102	100r004c10spc102.x
huawei / ecns210_td_firmware	100r004c10spc200	100r004c10spc200.x
huawei / ecns210_td_firmware	100r004c10spc221	100r004c10spc221.x
huawei / ecns210_td_firmware	100r004c10spc400	100r004c10spc400.x

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-xml-en

Vulnerability Database

289,697

CVE-2017-15346