{"containers": {"cna": {"affected": [{"product": "NIP6300,NIP6600,Secospace USG6300,Secospace USG6500", "vendor": "Huawei Technologies Co., Ltd.", "versions": [{"status": "affected", "version": "NIP6300 V500R001C20SPC100, V500R001C20SPC200,NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200"}]}], "datePublic": "2017-11-29T00:00:00", "descriptions": [{"lang": "en", "value": "Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally."}], "problemTypes": [{"descriptions": [{"description": "Memory Leak", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-09T20:57:01", "orgId": "25ac1063-e409-4190-8079-24548c77ea2e", "shortName": "huawei"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@huawei.com", "ID": "CVE-2017-15315", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "NIP6300,NIP6600,Secospace USG6300,Secospace USG6500", "version": {"version_data": [{"version_value": "NIP6300 V500R001C20SPC100, V500R001C20SPC200,NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200"}]}}]}, "vendor_name": "Huawei Technologies Co., Ltd."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Memory Leak"}]}]}, "references": {"reference_data": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en", "refsource": "CONFIRM", "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T19:50:16.471Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en"}]}]}, "cveMetadata": {"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e", "assignerShortName": "huawei", "cveId": "CVE-2017-15315", "datePublished": "2018-03-09T21:00:00", "dateReserved": "2017-10-14T00:00:00", "dateUpdated": "2024-08-05T19:50:16.471Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc100:*:*:*:*:*:*:*", "matchCriteriaId": "80CC85C8-F102-4E5F-BAD3-9658D87CE953", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c20spc200:*:*:*:*:*:*:*", "matchCriteriaId": "CD3921D5-81A0-4700-A302-7F4C276D4ABE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc100:*:*:*:*:*:*:*", "matchCriteriaId": "9038E75D-50F4-4849-BD2C-8846A353B53E", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c20spc200:*:*:*:*:*:*:*", "matchCriteriaId": "0545D687-6670-41B4-A1B1-1048879658B8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*", "matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc100:*:*:*:*:*:*:*", "matchCriteriaId": "8BBE3431-EBFA-4C4A-97B1-6384869FD197", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c20spc200:*:*:*:*:*:*:*", "matchCriteriaId": "9F11B551-9147-4DCA-8FEF-0874EEB83984", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc100:*:*:*:*:*:*:*", "matchCriteriaId": "0B7BA85B-9D77-44C2-B91D-5C8FC20B25A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c20spc200:*:*:*:*:*:*:*", "matchCriteriaId": "2ED44F95-064A-4E85-A030-B15E88FBEAB4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*", "matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Patch module of Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100, V500R001C20SPC200 has a memory leak vulnerability. An authenticated attacker could execute special commands many times, the memory leaking happened, which would cause the device to reset finally."}, {"lang": "es", "value": "El m\u00f3dulo patch en Huawei NIP6300 V500R001C20SPC100, V500R001C20SPC200, NIP6600 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6300 V500R001C20SPC100, V500R001C20SPC200, Secospace USG6500 V500R001C20SPC100 y V500R001C20SPC200 tienen una vulnerabilidad de filtrado de memoria. Un atacante autenticado podr\u00eda ejecutar comandos especiales en numerosas ocasiones, por lo que ocurrir\u00eda un filtrado de memoria y, finalmente, el dispositivo se reiniciar\u00eda"}], "id": "CVE-2017-15315", "lastModified": "2024-11-21T03:14:26.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-09T21:29:00.517", "references": [{"source": "psirt@huawei.com", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-command-en"}], "sourceIdentifier": "psirt@huawei.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-772"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}