Vulnerabilities > CVE-2017-2712 - Channel and Path Errors vulnerability in Huawei S3300 Firmware V100R006C05

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

huawei

CWE-417

NVD

Published: 2017-11-22

Updated: 2017-12-08

Summary

S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping.

Vulnerable Configurations

Part	Description	Count
OS	Huawei Huawei S3300 Firmware V100R006C05	1
Hardware	Huawei Huawei S3300 -	1

Common Weakness Enumeration (CWE)

CWE-417 - Channel and Path Errors

References

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170118-01-vrp-en
http://www.securityfocus.com/bid/95662