Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-15345

Summary
Assigner-huawei
Assigner Org ID-25ac1063-e409-4190-8079-24548c77ea2e
Published At-15 Feb, 2018 | 16:00
Updated At-05 Aug, 2024 | 19:50
Rejected At-
Credits

Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:huawei
Assigner Org ID:25ac1063-e409-4190-8079-24548c77ea2e
Published At:15 Feb, 2018 | 16:00
Updated At:05 Aug, 2024 | 19:50
Rejected At:
▼CVE Numbering Authority (CNA)

Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot.

Affected Products
Vendor
Huawei Technologies Co., Ltd.Huawei Technologies Co., Ltd.
Product
LON-L29D
Versions
Affected
  • LON-L29DC721B186
Problem Types
TypeCWE IDDescription
textN/ADoS
Type: text
CWE ID: N/A
Description: DoS
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en
x_refsource_CONFIRM
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@huawei.com
Published At:15 Feb, 2018 | 16:29
Updated At:22 Feb, 2018 | 14:41

Huawei Smartphones with software LON-L29DC721B186 have a denial of service vulnerability. An attacker could make an loop exit condition that cannot be reached by sending the crafted 3GPP message. Successful exploit could cause the device to reboot.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.05.3MEDIUM
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.7MEDIUM
AV:A/AC:M/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.0
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.7
Base severity: MEDIUM
Vector:
AV:A/AC:M/Au:N/C:N/I:N/A:C
CPE Matches
Huawei Technologies Co., Ltd.
huawei
>>lon-l29d_firmware>>lon-l29dc721b186
cpe:2.3:o:huawei:lon-l29d_firmware:lon-l29dc721b186:*:*:*:*:*:*:*
Huawei Technologies Co., Ltd.
huawei
>>lon-l29d>>-
cpe:2.3:h:huawei:lon-l29d:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-400Primarynvd@nist.gov
CWE ID: CWE-400
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-enpsirt@huawei.com
Vendor Advisory
Hyperlink: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171108-01-smartphone-en
Source: psirt@huawei.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

23Records found
CVE-2021-40011
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.14% / 33.96%
||
7 Day CHG~0.00%
Published-07 Jan, 2022 | 22:39
Updated-04 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an uncontrolled resource consumption vulnerability in the display module. Successful exploitation of this vulnerability may affect integrity.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-magic_uiemuiharmonyosEMUI;Magic UI;HarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-17290
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.27% / 49.68%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Light Directory Access Protocol (LDAP) clients of Huawei TE60 with software V600R006C00, ViewPoint 9030 with software V100R011C02, V100R011C03 have a resource management errors vulnerability. An unauthenticated, remote attacker may make the LDAP server not respond to the client's request by controlling the LDAP server. Due to improper management of LDAP connection resource, a successful exploit may cause the connection resource exhausted of the LDAP client.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-viewpoint_9030viewpoint_9030_firmwarete60_firmwarete60TE60,ViewPoint 9030
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2021-37061
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:02
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Uncontrolled Resource Consumption vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to Screen projection application denial of service.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-41294
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 45.90%
||
7 Day CHG~0.00%
Published-25 Sep, 2023 | 11:00
Updated-24 Sep, 2024 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The DP module has a service hijacking vulnerability.Successful exploitation of this vulnerability may affect some Super Device services.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-41310
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.03% / 8.47%
||
7 Day CHG~0.00%
Published-26 Sep, 2023 | 01:20
Updated-24 Sep, 2024 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-52113
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.88%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 07:58
Updated-20 Jun, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosemuiEMUIHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2024-40575
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.02% / 3.02%
||
7 Day CHG~0.00%
Published-24 Jul, 2024 | 00:00
Updated-18 Mar, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Huawei Technologies opengauss (openGauss 5.0.0 build) v.7.3.0 allows a local attacker to cause a denial of service via the modification of table attributes

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-opengaussn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-52098
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.46%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 09:08
Updated-11 Jun, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosHarmonyOSEMUI
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2023-34166
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 28.61%
||
7 Day CHG~0.00%
Published-19 Jun, 2023 | 00:00
Updated-12 Dec, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability of system restart triggered by abnormal callbacks passed to APIs.Successful exploitation of this vulnerability may cause the system to restart.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiHarmonyOSEMUI
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2016-8780
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.23% / 45.98%
||
7 Day CHG~0.00%
Published-02 Apr, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei CloudEngine 6800 V100R006C00, CloudEngine 7800 V100R006C00, CloudEngine 8800 V100R006C00, and CloudEngine 12800 V100R006C00 allow remote attackers with specific permission to store massive files to exhaust the shared storage space, leading to a DoS condition.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-cloudengine_7800cloudengine_8800_firmwarecloudengine_12800_firmwarecloudengine_6800_firmwarecloudengine_12800cloudengine_7800_firmwarecloudengine_8800cloudengine_6800CloudEngine 6800, CloudEngine 7800, CloudEngine 8800, CloudEngine 12800 CloudEngine 6800 V100R006C00,CloudEngine 7800 V100R006C00,CloudEngine 8800 V100R006C00,CloudEngine 12800 V100R006C00,
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-48351
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.10% / 27.96%
||
7 Day CHG~0.00%
Published-27 Mar, 2023 | 00:00
Updated-24 Feb, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The secure OS module has configuration defects. Successful exploitation of this vulnerability may affect availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-emuiharmonyosEMUIHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46315
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.50%
||
7 Day CHG~0.00%
Published-20 Dec, 2022 | 00:00
Updated-17 Apr, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosEMUIHarmonyOS
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2022-46740
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 11.74%
||
7 Day CHG~0.00%
Published-28 Dec, 2022 | 00:00
Updated-11 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a denial of service vulnerability in the Wi-Fi module of the HUAWEI WS7100-20 Smart WiFi Router.Successful exploit could cause a denial of service (DoS) condition.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ws7100-20_firmwarews7100-20WS7100-20
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-7920
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.73%
||
7 Day CHG~0.00%
Published-19 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. Due to the improper implementation of ACL mechanism, a remote attacker may send TCP messages to the management interface of the affected device to exploit this vulnerability. Successful exploit could exhaust the socket resource of management interface, leading to a DoS condition.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-ar2200_firmwarear200ar1200ar160_firmwarear3200_firmwarear2200ar3200ar200_firmwarear1200_firmwarear160AR1200, AR160, AR200, AR2200, AR3200
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2014-9697
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.26% / 48.99%
||
7 Day CHG~0.00%
Published-17 Oct, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei USG9560/9520/9580 before V300R001C01SPC300 allows remote attackers to cause a memory leak or denial of service (memory exhaustion, reboot and MPU switchover) via a crafted website.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-usg9580usg9520usg9560_firmwareusg9560usg9520_firmwareusg9580_firmwaren/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2690
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.91%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C30,eSpace U1930 with software V200R003C20 and V200R003C30,eSpace U1960 with software V200R003C20, V200R003C30,eSpace U1980 with software V200R003C20, V200R003C30,eSpace U1981 with software V200R003C20 and V200R003C30 have an denial of service (DoS) vulnerability, which allow an attacker with specific permission to craft a file containing malicious data and upload it to the device to exhaust memory, causing a DoS condition.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-softcoespace_u1960espace_u1930_firmwareespace_u1981espace_u1911espace_u1910espace_u1981_firmwareespace_u1980_firmwareespace_u1910_firmwareespace_u1960_firmwaresoftco_firmwareespace_u1980espace_u1930espace_u1911_firmwareSoftCo,eSpace U1910,eSpace U1911,eSpace U1930,eSpace U1960,eSpace U1980,eSpace U1981
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-2734
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.60%
||
7 Day CHG~0.00%
Published-22 Nov, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, and the application can send given parameter to specific interface, which make a large number of memory allocation and the smart phone will be crash for memory exhaustion.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-p9_plus_firmwarep9_plusP9 Plus
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-17166
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.3||MEDIUM
EPSS-0.23% / 45.56%
||
7 Day CHG~0.00%
Published-15 Feb, 2018 | 16:00
Updated-05 Aug, 2024 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a resource exhaustion vulnerability. The software does not process certain field of H.323 message properly, a remote unauthenticated attacker could send crafted H.323 message to the device, successful exploit could cause certain service unavailable since the stack memory is exhausted.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwaresecospace_usg6500tp3206vp9660dp300tp3206_firmwarevp9660_firmwaresecospace_usg6600_firmwaresecospace_usg6300dp300_firmwaresecospace_usg6600secospace_usg6300_firmwareDP300, Secospace USG6300,Secospace USG6500,Secospace USG6600,TP3206, VP9660
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-15323
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 3.91%
||
7 Day CHG~0.00%
Published-09 Mar, 2018 | 21:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-secospace_usg6500_firmwareviewpoint_9030secospace_usg6500viewpoint_9030_firmwarevp9660te60viewpoint_8660_firmwaredp300_firmwaretp3106_firmwarenip6600espace_u1981_firmwaredp300ecns210_td_firmwaretp3106vp9660_firmwareviewpoint_8660ecns210_tdnip6600_firmwareespace_u1981te60_firmwareDP300,NIP6600,Secospace USG6500,TE60,TP3106,VP9660,ViewPoint 8660,ViewPoint 9030,eCNS210_TD,eSpace U1981
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-9203
Matching Score-6
Assigner-Huawei Technologies
ShareView Details
Matching Score-6
Assigner-Huawei Technologies
CVSS Score-3.3||LOW
EPSS-0.02% / 4.33%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 22:01
Updated-04 Aug, 2024 | 10:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact the customer's use experience.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-p30_firmwarep30HUAWEI P30
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2017-6161
Matching Score-4
Assigner-F5, Inc.
ShareView Details
Matching Score-4
Assigner-F5, Inc.
CVSS Score-5.3||MEDIUM
EPSS-2.59% / 84.99%
||
7 Day CHG~0.00%
Published-27 Oct, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator software version 12.0.0 - 12.1.2, 11.6.0 - 11.6.1, 11.4.0 - 11.5.4, 11.2.1, when ConfigSync is configured, attackers on adjacent networks may be able to bypass the TLS protections usually used to encrypted and authenticate connections to mcpd. This vulnerability may allow remote attackers to cause a denial-of-service (DoS) attack via resource exhaustion.

Action-Not Available
Vendor-F5, Inc.
Product-big-ip_domain_name_systembig-ip_application_security_managerbig-ip_advanced_firewall_managerbig-ip_local_traffic_managerbig-ip_application_acceleration_managerbig-ip_link_controllerbig-ip_global_traffic_managerbig-ip_policy_enforcement_managerbig-ip_webacceleratorbig-ip_edge_gatewaybig-ip_access_policy_managerBIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2019-3874
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.05% / 13.97%
||
7 Day CHG~0.00%
Published-25 Mar, 2019 | 18:30
Updated-04 Aug, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/LinuxNetApp, Inc.The Linux FoundationRed Hat, Inc.Canonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelcn1610hci_management_nodeenterprise_linuxcn1610_firmwareactive_iq_unified_manager_for_vmware_vspheresnapprotectsolidfirekernel
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3512
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.45%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:51
Updated-13 Nov, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient validation of LLDP messages in the PROFINET LLDP message handler. An attacker could exploit this vulnerability by sending a malicious LLDP message to an affected device. A successful exploit could allow the attacker to cause the affected device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_c9200l-48pxg-4xie_2000-4t_industrial_ethernet_switchcatalyst_c9407rcatalyst_c9300-48pie-4000-16t4g-ecatalyst_3650-12x48urie_2000-16tc_industrial_ethernet_switchie-3300-8u2x-ecatalyst_c9500-16xcatalyst_c9200-24pcatalyst_c9200l-48pxg-2ycatalyst_c9200l-48t-4gcatalyst_3650-24pdmie-4000-4tc4g-eie-2000u-16tc-gpie-4010-16s12p_industrial_ethernet_switchcatalyst_3850-nm-2-40gcatalyst_c9300l-48p-4xcatalyst_c9500-24y4cie_2000-8tc-g_industrial_ethernet_switchcatalyst_c9200l-24t-4gie-3200-8t2s-eie_2000-16ptc-g_industrial_ethernet_switchie-2000u-16tc-g-xcatalyst_3650-12x48uzie_2000-4ts_industrial_ethernet_switchie-3400-8p2s-eiem-3400-8scatalyst_3850-48xscatalyst_3650-12x48uqie-2000u-4t-gscatalyst_c9200l-48p-4gie-3010-16s-8pc_industrial_ethernet_switchiem-3400-8tie_2000-8tc-g-e_industrial_ethernet_switchcatalyst_3650-8x24uqiem-3300-8sie-3300-8t2x-ecatalyst_c9300l-24t-4gie_2000-16tc-g-e_industrial_ethernet_switchie-4000-8s4g-ecatalyst_c9200l-24pxg-2yie-3400-8p2s-aie_2000-24t67_industrial_ethernet_switchie_2000-16t67_industrial_ethernet_switchiem-3300-8tiem-3300-16pie-4000-8gt8gp4g-ecatalyst_c9300l-24p-4xcatalyst_c9200l-24p-4xiem-3300-14t2scatalyst_c9300l-48p-4gie-4000-8gt4g-eie-5000-12s12p-10giem-3300-8pie-4000-4gs8gp4g-eie_2000-8t67_industrial_ethernet_switchcatalyst_c9300-48uxmiem-3300-16tie-3300-8t2s-eess_2020ie-3400-8t2s-acatalyst_c9500-40xie-4000-8gs4g-eie-4000-16gt4g-eie_2000-16tc-g-n_industrial_ethernet_switchie_2000-8tc-g-n_industrial_ethernet_switchcatalyst_c9200-24tcatalyst_3650-48fqmcatalyst_c9200l-48p-4xcatalyst_c9410rie-4000-4t4p4g-ecatalyst_c9300-24pie-4000-8t4g-ecatalyst_c9300-48uie-3400-8t2s-ecatalyst_3650-24pdcatalyst_c9300-48tcatalyst_c9500-12qie-5000-16s12pie-2000u-16tc-gcatalyst_c9500-24qcatalyst_c9200-48tcatalyst_c9300-24sie-4000-4gc4gp4g-eie-4000-4s8p4g-ecatalyst_c9404rcatalyst_c9300-24ucatalyst_c9200l-48t-4xie-2000u-4ts-gie-4010-4s24p_industrial_ethernet_switchcatalyst_c9500-32cconnected_grid_switch_2520ie-3300-8t2x-acatalyst_c9300l-24p-4gie-3000catalyst_c9500-32qccatalyst_c9200l-24p-4gess_3300catalyst_c9300-48sie-1000ie_2000-16t67p_industrial_ethernet_switchie-3300-8p2s-ecatalyst_c9300l-48t-4xie-3300-8u2x-aie_2000-8t67p_industrial_ethernet_switchie_2000-4ts-g_industrial_ethernet_switchcatalyst_c9300l-24t-4xcatalyst_c9200-48pie_2000-4t-g_industrial_ethernet_switchie-2000u-8tc-gie-3300-8p2s-aie_2000-16tc-g_industrial_ethernet_switchcatalyst_3850-24xscatalyst_c9300-48uncatalyst_c9200l-24t-4xiem-3400-8piem-3300-4mu-2catalyst_c9300-24tie_2000-4s-ts-g_industrial_ethernet_switchcatalyst_c9200l-24pxg-4xiem-3300-6t2sie-3200-8p2s-eios_xecatalyst_c9300l-48t-4gcatalyst_c9500-48y4cie_2000-16tc-g-x_industrial_ethernet_switchcatalyst_3850-nm-8-10gcatalyst_c9300-24uxie-3010-24tc_industrial_ethernet_switchie-3300-8t2s-aie-2000u-4s-gCisco IOS
CWE ID-CWE-388
Not Available
CWE ID-CWE-400
Uncontrolled Resource Consumption
Details not found