CVE-2017-8147
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack.
Affected (143)
Products: Huawei: Ac6005 Firmware, Ac6605 Firmware, Ar1200 Firmware, Ar200 Firmware, Ar3200 Firmware, Cloudengine 12800 Firmware, Cloudengine 5800 Firmware, Cloudengine 6800 Firmware, Cloudengine 7800 Firmware, Cloudengine 8800 Firmware, E600 Firmware, S12700 Firmware, S1700 Firmware, S2300 Firmware, S2700 Firmware, S5300 Firmware, S5700 Firmware, S6300 Firmware, S6700 Firmware, S7700 Firmware, S9300 Firmware, S9700 Firmware, Secospace Usg6600 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r006c10spc200 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ac6005 | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r006c10spc200 |
| Running on/with | Platform Versions |
|---|---|
Huawei Ac6605 | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r005c10cp0582t |
| Running on/with | Platform Versions |
|---|---|
Huawei Ar1200 | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r005c20spc026t |
| Running on/with | Platform Versions |
|---|---|
Huawei Ar200 | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r005c20spc026t |
| Running on/with | Platform Versions |
|---|---|
Huawei Ar3200 | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r003c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cloudengine 12800 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r003c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cloudengine 5800 | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r003c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cloudengine 6800 | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r003c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cloudengine 7800 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r006c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Cloudengine 8800 | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r008c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei E600 | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S12700 | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r006c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S1700 | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S2300 | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S2700 | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5300 | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r005c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S5700 | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r006c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S6300 | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r006c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S6700 | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r003c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S7700 | All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Version v100r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S9300 | All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Version v200r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei S9700 | All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Version v500r001c00 |
| Running on/with | Platform Versions |
|---|---|
Huawei Secospace Usg6600 | All versions |
References (2)
Source: psirt@huawei.com
Issue TrackingMitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingMitigationVendor Advisory
Timeline
No history available yet.