← Back

CVE-2017-17154

nvd nist
Published: Feb 15, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a DoS vulnerability due to insufficient input validation. An attacker could exploit it to cause unauthorized memory access, which may further lead to system exceptions.

Affected (122)

Huawei
8 products
Ips Module Firmware
Ngfw Module Firmware
Nip6300 Firmware
Nip6600 Firmware
Secospace Usg6300 Firmware
Secospace Usg6500 Firmware
Secospace Usg6600 Firmware
Usg9500 Firmware
Configuration A
14 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Ips Module Firmware
Version v500r001c00
Ips Module Firmware
Version v500r001c00spc200
Ips Module Firmware
Version v500r001c00spc300
Ips Module Firmware
Version v500r001c00spc500
Ips Module Firmware
Version v500r001c00sph303
Ips Module Firmware
Version v500r001c00sph508
Ips Module Firmware
Version v500r001c20
Ips Module Firmware
Version v500r001c20spc100
Ips Module Firmware
Version v500r001c20spc100pwe
Ips Module Firmware
Version v500r001c20spc200
Ips Module Firmware
Version v500r001c20spc200b062
Ips Module Firmware
Version v500r001c20spc200pwe
Ips Module Firmware
Version v500r001c20spc300b078
Ips Module Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Ips Module
All versions
Configuration B
15 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Ngfw Module Firmware
Version v500r001c00
Ngfw Module Firmware
Version v500r001c00spc200
Ngfw Module Firmware
Version v500r001c00spc300
Ngfw Module Firmware
Version v500r001c00spc500
Ngfw Module Firmware
Version v500r001c00spc500pwe
Ngfw Module Firmware
Version v500r001c00sph303
Ngfw Module Firmware
Version v500r001c00sph508
Ngfw Module Firmware
Version v500r001c20
Ngfw Module Firmware
Version v500r001c20spc100
Ngfw Module Firmware
Version v500r001c20spc100pwe
Ngfw Module Firmware
Version v500r001c20spc200
Ngfw Module Firmware
Version v500r001c20spc200b062
Ngfw Module Firmware
Version v500r001c20spc200pwe
Ngfw Module Firmware
Version v500r001c20spc300b078
Ngfw Module Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Ngfw Module
All versions
Configuration C
14 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Nip6300 Firmware
Version v500r001c00
Nip6300 Firmware
Version v500r001c00spc200
Nip6300 Firmware
Version v500r001c00spc300
Nip6300 Firmware
Version v500r001c00spc500
Nip6300 Firmware
Version v500r001c00sph303
Nip6300 Firmware
Version v500r001c00sph508
Nip6300 Firmware
Version v500r001c20
Nip6300 Firmware
Version v500r001c20spc100
Nip6300 Firmware
Version v500r001c20spc100pwe
Nip6300 Firmware
Version v500r001c20spc200
Nip6300 Firmware
Version v500r001c20spc200b062
Nip6300 Firmware
Version v500r001c20spc200pwe
Nip6300 Firmware
Version v500r001c20spc300b078
Nip6300 Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Nip6300
All versions
Configuration D
13 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Nip6600 Firmware
Version v500r001c00
Nip6600 Firmware
Version v500r001c00spc200
Nip6600 Firmware
Version v500r001c00spc300
Nip6600 Firmware
Version v500r001c00spc500
Nip6600 Firmware
Version v500r001c00sph303
Nip6600 Firmware
Version v500r001c00sph508
Nip6600 Firmware
Version v500r001c20
Nip6600 Firmware
Version v500r001c20spc100
Nip6600 Firmware
Version v500r001c20spc100pwe
Nip6600 Firmware
Version v500r001c20spc200
Nip6600 Firmware
Version v500r001c20spc200b062
Nip6600 Firmware
Version v500r001c20spc200pwe
Nip6600 Firmware
Version v500r001c20spc300b078
Running on/withPlatform Versions
Huawei
Nip6600
All versions
Configuration E
16 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Secospace Usg6300 Firmware
Version v500r001c00
Secospace Usg6300 Firmware
Version v500r001c00spc200
Secospace Usg6300 Firmware
Version v500r001c00spc300
Secospace Usg6300 Firmware
Version v500r001c00spc500
Secospace Usg6300 Firmware
Version v500r001c00spc500pwe
Secospace Usg6300 Firmware
Version v500r001c00sph303
Secospace Usg6300 Firmware
Version v500r001c00sph508
Secospace Usg6300 Firmware
Version v500r001c20
Secospace Usg6300 Firmware
Version v500r001c20spc100
Secospace Usg6300 Firmware
Version v500r001c20spc100pwe
Secospace Usg6300 Firmware
Version v500r001c20spc101
Secospace Usg6300 Firmware
Version v500r001c20spc200
Secospace Usg6300 Firmware
Version v500r001c20spc200b062
Secospace Usg6300 Firmware
Version v500r001c20spc200pwe
Secospace Usg6300 Firmware
Version v500r001c20spc300b078
Secospace Usg6300 Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Secospace Usg6300
All versions
Configuration F
16 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Secospace Usg6500 Firmware
Version v500r001c00
Secospace Usg6500 Firmware
Version v500r001c00spc200
Secospace Usg6500 Firmware
Version v500r001c00spc300
Secospace Usg6500 Firmware
Version v500r001c00spc500
Secospace Usg6500 Firmware
Version v500r001c00spc500pwe
Secospace Usg6500 Firmware
Version v500r001c00sph303
Secospace Usg6500 Firmware
Version v500r001c00sph508
Secospace Usg6500 Firmware
Version v500r001c20
Secospace Usg6500 Firmware
Version v500r001c20spc100
Secospace Usg6500 Firmware
Version v500r001c20spc100pwe
Secospace Usg6500 Firmware
Version v500r001c20spc101
Secospace Usg6500 Firmware
Version v500r001c20spc200
Secospace Usg6500 Firmware
Version v500r001c20spc200b062
Secospace Usg6500 Firmware
Version v500r001c20spc200pwe
Secospace Usg6500 Firmware
Version v500r001c20spc300b078
Secospace Usg6500 Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Secospace Usg6500
All versions
Configuration G
17 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Secospace Usg6600 Firmware
Version v500r001c00
Secospace Usg6600 Firmware
Version v500r001c00spc100
Secospace Usg6600 Firmware
Version v500r001c00spc200
Secospace Usg6600 Firmware
Version v500r001c00spc300
Secospace Usg6600 Firmware
Version v500r001c00spc301
Secospace Usg6600 Firmware
Version v500r001c00spc500
Secospace Usg6600 Firmware
Version v500r001c00spc500pwe
Secospace Usg6600 Firmware
Version v500r001c00sph303
Secospace Usg6600 Firmware
Version v500r001c20
Secospace Usg6600 Firmware
Version v500r001c20spc100
Secospace Usg6600 Firmware
Version v500r001c20spc100pwe
Secospace Usg6600 Firmware
Version v500r001c20spc101
Secospace Usg6600 Firmware
Version v500r001c20spc200
Secospace Usg6600 Firmware
Version v500r001c20spc200pwe
Secospace Usg6600 Firmware
Version v500r001c20spc300
Secospace Usg6600 Firmware
Version v500r001c20spc300b078
Secospace Usg6600 Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Secospace Usg6600
All versions
Configuration H
17 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Usg9500 Firmware
Version v500r001c00
Usg9500 Firmware
Version v500r001c00spc200
Usg9500 Firmware
Version v500r001c00spc300
Usg9500 Firmware
Version v500r001c00spc303
Usg9500 Firmware
Version v500r001c00spc500
Usg9500 Firmware
Version v500r001c00spc500pwe
Usg9500 Firmware
Version v500r001c00sph303
Usg9500 Firmware
Version v500r001c00sph508
Usg9500 Firmware
Version v500r001c20
Usg9500 Firmware
Version v500r001c20spc100
Usg9500 Firmware
Version v500r001c20spc100pwe
Usg9500 Firmware
Version v500r001c20spc101
Usg9500 Firmware
Version v500r001c20spc200
Usg9500 Firmware
Version v500r001c20spc200b062
Usg9500 Firmware
Version v500r001c20spc200pwe
Usg9500 Firmware
Version v500r001c20spc300b078
Usg9500 Firmware
Version v500r001c20spc300pwe
Running on/withPlatform Versions
Huawei
Usg9500
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (2)

Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.