Strix
26.1K

CVE-2017-17141

UnknownEPSS 0.72%

Last modified

CVE-2017-17141 is a vulnerability of currently unknown severity. Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. EPSS estimates a 0.72% chance of exploitation in the next 30 days.

Description

Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. So successful exploit will result in memory leak of the affected products.

Metrics

EPSS Probability
0.72%

49.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HuaweiS12700 Firmwarev200r005c00
HuaweiS12700 Firmwarev200r006c00
HuaweiS12700 Firmwarev200r007c00
HuaweiS12700 Firmwarev200r007c01
HuaweiS12700 Firmwarev200r007c20
HuaweiS12700 Firmwarev200r008c00
HuaweiS12700 Firmwarev200r009c00
HuaweiS1700 Firmwarev200r006c10
HuaweiS1700 Firmwarev200r009c00
HuaweiS2700 Firmwarev100r006c03
HuaweiS2700 Firmwarev200r003c00
HuaweiS2700 Firmwarev200r005c00
HuaweiS2700 Firmwarev200r006c00
HuaweiS2700 Firmwarev200r006c10
HuaweiS2700 Firmwarev200r007c00
HuaweiS2700 Firmwarev200r007c00b050
HuaweiS2700 Firmwarev200r007c00spc009t
HuaweiS2700 Firmwarev200r007c00spc019t
HuaweiS2700 Firmwarev200r008c00
HuaweiS2700 Firmwarev200r009c00
HuaweiS3700 Firmwarev100r006c03
HuaweiS5700 Firmwarev200r001c00
HuaweiS5700 Firmwarev200r001c01
HuaweiS5700 Firmwarev200r002c00
HuaweiS5700 Firmwarev200r003c00
HuaweiS5700 Firmwarev200r003c02
HuaweiS5700 Firmwarev200r005c00
HuaweiS5700 Firmwarev200r005c01
HuaweiS5700 Firmwarev200r005c02
HuaweiS5700 Firmwarev200r005c03
HuaweiS5700 Firmwarev200r006c00
HuaweiS5700 Firmwarev200r007c00
HuaweiS5700 Firmwarev200r008c00
HuaweiS5700 Firmwarev200r009c00
HuaweiS6700 Firmwarev200r001c00
HuaweiS6700 Firmwarev200r001c01
HuaweiS6700 Firmwarev200r002c00
HuaweiS6700 Firmwarev200r003c00
HuaweiS6700 Firmwarev200r005c00
HuaweiS6700 Firmwarev200r005c01
HuaweiS6700 Firmwarev200r005c02
HuaweiS6700 Firmwarev200r008c00
HuaweiS6700 Firmwarev200r009c00
HuaweiS7700 Firmwarev200r001c00
HuaweiS7700 Firmwarev200r001c01
HuaweiS7700 Firmwarev200r002c00
HuaweiS7700 Firmwarev200r003c00
HuaweiS7700 Firmwarev200r005c00
HuaweiS7700 Firmwarev200r006c00
HuaweiS7700 Firmwarev200r006c01

Showing 50 of 65 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-17141?
Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. So successful exploit will result in memory leak of the affected products.
How severe is CVE-2017-17141?
Severity scoring for CVE-2017-17141 is pending analysis. The EPSS model estimates a 0.72% probability of exploitation in the next 30 days.
How do I fix CVE-2017-17141?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-17141?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST