CVE-2017-15342
HIGHHuawei DP300/TE60/TP3106/eSpace U1981 DoS via SSL Buffer Overflow
Title source: llmDescription
Huawei DP300 V500R002C00, TE60 V600R006C00, TP3106 V100R002C00, eSpace U1981 V200R003C30SPC100 have a denial of service vulnerability. The software does not correctly calculate the rest size in a buffer when handling SSL connections. A remote unauthenticated attacker could send a lot of crafted SSL messages to the device, successful exploit could cause no space in the buffer and then denial of service.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ssl-en
Scores
CVSS v3
7.5
EPSS
0.0027
EPSS Percentile
50.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
Status
published
Products (4)
huawei/dp300_firmware
v500r002c00
huawei/espace_u1981_firmware
v200r003c30spc100
huawei/te60_firmware
v600r006c00
huawei/tp3106_firmware
v100r002c00
Published
Feb 15, 2018
Tracked Since
Feb 18, 2026