CVE-2017-15323
Description
Huawei DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30 have a DoS vulnerability caused by memory exhaustion in some Huawei products. For lacking of adequate input validation, attackers can craft and send some malformed messages to the target device to exhaust the memory of the device and cause a Denial of Service (DoS).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A DoS vulnerability in multiple Huawei products allows attackers to exhaust device memory via crafted malformed messages.
Vulnerability
In Huawei DP300 V500R002C00, NIP6600 V500R001C00/C20/C30, Secospace USG6500 V500R001C00/C20/C30, TE60 V100R001C01/C10/C03, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02/C30, V500R002C00/C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02/C03, eCNS210_TD V100R004C10, and eSpace U1981 V200R003C30, insufficient input validation allows an attacker to send malformed messages, causing memory exhaustion and a Denial of Service (DoS). [1]
Exploitation
An attacker with network access can craft and send specially malformed messages to the target device. No authentication is required. The repeated sending of such messages exhausts the device's memory, leading to a DoS condition. [1]
Impact
Successful exploitation results in a Denial of Service (DoS), making the device unavailable. This can disrupt normal operation and potentially affect network services relying on the device. [1]
Mitigation
Huawei has released software updates to fix this vulnerability. Affected users should upgrade to the resolved versions: DP300 to V500R002C00SPC800, NIP6600 to V500R001C60SPC500 + V500R001SPH015, Secospace USG6500 to V500R001C60SPC500 + V500R001SPH015, TE60 to V600R006C00SPC300, TP3106 to V100R002C00SPC200, VP9660 to V500R002C00SPC300, ViewPoint 8660 to V100R008C03SPC500, ViewPoint 9030 to V100R011C03SPC200, eCNS210_TD to V100R004C10SPC300, and eSpace U1981 to V200R003C30SPC600. For a complete list, refer to [1]. No workarounds are mentioned.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
11- Range: V100R008C03
- Range: V100R011C02, V100R011C03
- Range: V200R003C30
- Range: V100R004C10
- Range: V500R001C00, V500R001C20, V500R001C30
- Huawei Technologies Co., Ltd./DP300,NIP6600,Secospace USG6500,TE60,TP3106,VP9660,ViewPoint 8660,ViewPoint 9030,eCNS210_TD,eSpace U1981v5Range: DP300 V500R002C00, NIP6600 V500R001C00, V500R001C20, V500R001C30, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, TE60 V100R001C01, V100R001C10, V100R003C00, V500R002C00, V600R006C00, TP3106 V100R001C06, V100R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02, V100R011C03, eCNS210_TD V100R004C10, eSpace U1981 V200R003C30
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171201-01-pse-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.