Strix
26.1K

CVE-2017-2722

UnknownEPSS 1.21%

Last modified

CVE-2017-2722 is a vulnerability of currently unknown severity. DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.. EPSS estimates a 1.21% chance of exploitation in the next 30 days.

Description

DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.

Metrics

EPSS Probability
1.21%

64.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
HuaweiDp300 Firmwarev500r002c00
HuaweiTe60 Firmwarev100r001c01
HuaweiTe60 Firmwarev100r001c10
HuaweiTe60 Firmwarev100r003c00
HuaweiTe60 Firmwarev500r002c00
HuaweiTe60 Firmwarev600r006c00
HuaweiTp3106 Firmwarev100r001c06
HuaweiTp3106 Firmwarev100r002c00
HuaweiViewpoint 9030 Firmwarev100r011c02
HuaweiViewpoint 9030 Firmwarev100r011c03
HuaweiEcns210 Td Firmwarev100r004c10
HuaweiEspace 7950 Firmwarev200r003c00
HuaweiEspace 7950 Firmwarev200r003c30
HuaweiEspace Iad Firmwarev300r001c07spca00
HuaweiEspace Iad Firmwarev300r002c01spcb00
HuaweiEspace U1981 Firmwarev100r001c20
HuaweiEspace U1981 Firmwarev100r001c30
HuaweiEspace U1981 Firmwarev200r003c00
HuaweiEspace U1981 Firmwarev200r003c20
HuaweiEspace U1981 Firmwarev200r003c30

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2017-2722?
DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C00,ViewPoint 9030 with software V100R011C02, V100R011C03,eCNS210_TD with software V100R004C10,eSpace 7950 with software V200R003C00 and V200R003C30,eSpace IAD with software V300R001C07SPCa00 and V300R002C01SPCb00,eSpace U1981 with software V100R001C20, V100R001C30, V200R003C00, V200R003C20 and V200R003C30 have an input validation vulnerability.A remote attacker may exploit this vulnerability by crafting a malformed packet and sending it to the device. A successful exploit could allow the attacker to cause a denial of service or execute arbitrary code.
How severe is CVE-2017-2722?
Severity scoring for CVE-2017-2722 is pending analysis. The EPSS model estimates a 1.21% probability of exploitation in the next 30 days.
How do I fix CVE-2017-2722?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-2722?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST