What is CVE-2017-2712?

CVE-2017-2712 is a medium-severity vulnerability in Huawei S3300, classified under CWE-417. CVSS score: 5.3/10. Published 2017-11-22.

How severe is CVE-2017-2712?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Huawei S3300

CVE-2017-2712

S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An attacker may craft malformed packets and send them to a device to cause EFM flapping.

EPSS: 0.002 (38.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Huawei S3300
Huawei S3300_firmware — versions v100r006c05
Huawei Technologies Co., Ltd. S3300 — versions V100R006C05

Weakness classification (CWE)

CWE-417

References

psirt@huawei.com (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
psirt@huawei.com (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2017-2712?: CVE-2017-2712 is a medium-severity vulnerability in Huawei S3300, classified under CWE-417. CVSS score: 5.3/10. Published 2017-11-22.
How severe is CVE-2017-2712?: Medium severity. CVSS v3 base score is 5.3 out of 10.