Description
Huawei Secospace USG6300 with software V500R001C20 and V500R001C20SPC200PWE, Secospace USG6500 with software V500R001C20, Secospace USG6600 with software V500R001C20 and V500R001C20SPC200PWE allow remote attackers with specific permission to log in to a device and deliver a large number of unspecified commands to exhaust memory, causing a DoS condition.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-01-firewall-en
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94927
Scores
CVSS v3
6.5
EPSS
0.0019
EPSS Percentile
40.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-399
Status
published
Products (6)
huawei/secospace_usg6300_firmware
v500r001c20
huawei/secospace_usg6300_firmware
v500r001c20spc200pwe
huawei/secospace_usg6500_firmware
v500r001c20
huawei/secospace_usg6600_firmware
v500r001c20
huawei/secospace_usg6600_firmware
v500r001c20spc200pwe
n/a/Secospace USG6300, Secospace USG6500, Secospace USG6600 Secospace USG6300 V500R001C20 and V500R001C20SPC200PWE,Secospace USG6500 V500R001C20,Secospace USG6600 V500R001C20 and V500R001C20SPC200PWE
Secospace USG6300, Secospace USG6500, Secospace USG6600 Secospace USG6300 V500R001C20 and V500R001C2
Published
Apr 02, 2017
Tracked Since
Feb 18, 2026