← Back

CVE-2017-8213

nvd nist
Published: Nov 22, 2017Modified: May 13, 2026

JSON object

Loading...
5.3
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R005C00SPC201T, V500R002C00, V600R006C00 has an input validation vulnerability when handle TLS and DTLS handshake with certificate. Due to the insufficient validation of received PKI certificates, remote attackers could exploit this vulnerability to crash the TLS module.

Affected (9)

Huawei
1 product
Smc2.0 Firmware
Configuration A
9 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Huawei
Smc2.0 Firmware
Version v100r003c10
Smc2.0 Firmware
Version v100r005c00spc100
Smc2.0 Firmware
Version v100r005c00spc101b001t
Smc2.0 Firmware
Version v100r005c00spc102
Smc2.0 Firmware
Version v100r005c00spc103
Smc2.0 Firmware
Version v100r005c00spc200
Smc2.0 Firmware
Version v100r005c00spc201t
Smc2.0 Firmware
Version v500r002c00
Smc2.0 Firmware
Version v600r006c00
Running on/withPlatform Versions
Huawei
Smc2.0
All versions

Related CWEs

CWE-295
Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.

References (2)

Source: psirt@huawei.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.