CVE-2017-15344
Description
Huawei AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30 has an integer overflow vulnerability. The software does not sufficiently validate certain field in SCTP messages, a remote unauthenticated attacker could send a crafted SCTP message to the device. Successful exploit could cause system reboot.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.268
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-6206 ,CVE-2017-15343 ,CVE-2017-15344 ,CVE-2017-17330 are affected in ar3200_firmware v200r006c11 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r008c30 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r008c20 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r007c00 | NCM |
| Multiple Vulnerabilities affected in ar120-s_firmware v200r006c10 | NCM |
| Vulnerabilities CVE-2017-15343 ,CVE-2017-15344 are affected in ar1200_firmware v200r007c02 | NCM |
| Vulnerabilities CVE-2017-15343 ,CVE-2017-15344 are affected in ar1200_firmware v200r007c01 | NCM |
| Vulnerabilities CVE-2017-15343 ,CVE-2017-15344 ,CVE-2017-17330 are affected in ar3200_firmware v200r008c10 | NCM |
| Vulnerabilities CVE-2017-15343 ,CVE-2017-15344 ,CVE-2017-17330 are affected in ar3200_firmware v200r008c00 | NCM |
| Integer Overflow or Wraparound Vulnerability (CVE-2017-15344) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234