VYPR
← All advisories
Unrated severityNVD Advisory· Published Feb 15, 2018· Updated Aug 5, 2024

CVE-2017-17284

CVE-2017-17284

Description

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00 have a resource management error vulnerability. A remote attacker may send huge number of specially crafted SIP messages to the affected products. Due to improper handling of some value in the messages, successful exploit will cause some services abnormal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A resource management error in Huawei DP300, RP200, TE30, TE40, TE50, TE60 allows remote attackers to cause service abnormalities by sending a huge number of specially crafted SIP messages.

Vulnerability

A resource management error exists in the SIP module of multiple Huawei products: DP300 V500R002C00, RP200 V500R002C00 and V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00. The vulnerability is triggered when a remote attacker sends a huge number of specially crafted SIP messages. Due to improper handling of some values in the messages, the affected products fail to manage resources correctly, leading to service abnormalities. [1]

Exploitation

An attacker can exploit this vulnerability remotely without authentication. The attacker must be able to send a large volume of specially crafted SIP messages to the target device. The exact sequence involves crafting SIP messages with malicious values that cause resource exhaustion or mismanagement. No user interaction is required. [1]

Impact

Successful exploitation causes some services on the affected products to become abnormal. The impact is primarily availability (denial of service) as services may crash or become unresponsive. No information disclosure or code execution is mentioned. [1]

Mitigation

Huawei has released software updates to fix this vulnerability. For DP300, the resolved version is V500R002C00SPCb00. For other products, the advisory lists resolved versions. Users should upgrade to the fixed versions as indicated in the security advisory. No workarounds are provided. [1]

References
  1. Security Advisory - Two Vulnerabilities in the SIP Module of Some Huawei Products

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Huawei/Te30llm-fuzzy
    Range: V100R001C10, V500R002C00, V600R006C00
  • Huawei/Te40llm-fuzzy
    Range: V500R002C00, V600R006C00
  • Huawei/Te50llm-fuzzy
    Range: V500R002C00, V600R006C00
  • Huawei/Te60llm-fuzzy
    Range: V100R001C01, V100R001C10, V500R002C00, V600R006C00
  • Huawei/DP300llm-fuzzy
    Range: V500R002C00
  • Huawei/RP200llm-fuzzy
    Range: V500R002C00, V600R006C00
  • Huawei Technologies Co., Ltd./DP300,RP200,TE30,TE40,TE50,TE60v5
    Range: DP300 V500R002C00,RP200 V500R002C00, V600R006C00,TE30 V100R001C10, V500R002C00, V600R006C00,TE40 V500R002C00, V600R006C00,TE50 V500R002C00, V600R006C00,TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.