Description
Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-en
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
6.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (23)
huawei/dp300_firmware
v500r002c00
huawei/ecns210_td_firmware
v100r004c10
huawei/espace_u1981_firmware
v200r003c30
huawei/nip6600_firmware
v500r001c00
huawei/nip6600_firmware
v500r001c20
huawei/nip6600_firmware
v500r001c30
huawei/secospace_usg6500_firmware
v500r001c00
huawei/secospace_usg6500_firmware
v500r001c20
huawei/secospace_usg6500_firmware
v500r001c30
huawei/te60_firmware
v100r001c01
... and 13 more
Published
Mar 09, 2018
Tracked Since
Feb 18, 2026