CVE-2017-17290
Description
The Light Directory Access Protocol (LDAP) clients of Huawei TE60 with software V600R006C00, ViewPoint 9030 with software V100R011C02, V100R011C03 have a resource management errors vulnerability. An unauthenticated, remote attacker may make the LDAP server not respond to the client's request by controlling the LDAP server. Due to improper management of LDAP connection resource, a successful exploit may cause the connection resource exhausted of the LDAP client.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated, remote attacker can exhaust LDAP client connection resources by controlling the LDAP server, impacting Huawei TE60 and ViewPoint 9030.
Vulnerability
The Light Directory Access Protocol (LDAP) clients of Huawei TE60 with software V600R006C00, ViewPoint 9030 with software V100R011C02 and V100R011C03 have a resource management errors vulnerability. An unauthenticated, remote attacker may control a malicious LDAP server that causes the LDAP client to exhaust its connection resources due to improper management of LDAP connection resources [1].
Exploitation
An attacker needs to control an LDAP server that the affected device connects to. The attacker does not require authentication. By responding to LDAP client requests in a way that consumes connection resources, the attacker can exhaust the client's connection pool, preventing legitimate LDAP operations [1].
Impact
Successful exploitation leads to denial of service: the LDAP client on the affected Huawei product becomes unable to establish new LDAP connections, causing disruption of directory services [1].
Mitigation
Huawei has released software updates: TE60 upgrade to V600R006C00SPC300, and ViewPoint 9030 upgrade to V100R011C03SPC700. For V100R011C02, upgrade to V100R011C03SPC700. No workarounds are mentioned. Users should apply the updates as recommended in the security advisory [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: = V100R011C02, V100R011C03
- Huawei Technologies Co., Ltd./TE60,ViewPoint 9030v5Range: TE60 V600R006C00, ViewPoint 9030 V100R011C02, V100R011C03
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ldap-enmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.