Vulnerability Details CVE-2017-15343
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could system reboot.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
Products affected by CVE-2017-15343
-
cpe:2.3:h:huawei:ar3200:-
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r008c20
-
cpe:2.3:o:huawei:ar120-s_firmware:v200r008c30
-
cpe:2.3:o:huawei:ar1200_firmware:v200r007c01
-
cpe:2.3:o:huawei:ar1200_firmware:v200r007c02
-
cpe:2.3:o:huawei:ar3200_firmware:v200r006c11
-
cpe:2.3:o:huawei:ar3200_firmware:v200r008c00
-
cpe:2.3:o:huawei:ar3200_firmware:v200r008c10