Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20171213-01-IKE
HistoryDec 13, 2017 - 12:00 a.m.

Security Advisory - Buffer Overflow Vulnerability in Some Huawei Products

2017-12-1300:00:00
Huawei Technologies
www.huawei.com
13

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

69.5%

JSON

Some Huawei products have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart. (Vulnerability ID: HWPSIRT-2017-02047)
This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17160.
Huawei has released software updates to fix this vulnerability.
This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ike-en

Affected configurations

Vulners
Node
huaweiar120-s_firmwareMatchv200r006c10spc300
OR
huaweiar120-s_firmwareMatchv200r007c00spc900
OR
huaweiar1200_firmwareMatchv200r006c10spc300
OR
huaweiar1200_firmwareMatchv200r006c13
OR
huaweiar1200_firmwareMatchv200r007c00spc900
OR
huaweiar1200_firmwareMatchv200r007c02
OR
huaweiar1200-s_firmwareMatchv200r006c10spc300
OR
huaweiar1200-s_firmwareMatchv200r007c00spc900
OR
huaweiar1200-s_firmwareMatchv200r008c20spc800pwe
OR
huaweiar150_firmwareMatchv200r006c10spc300
OR
huaweiar150_firmwareMatchv200r007c00spc900
OR
huaweiar150_firmwareMatchv200r007c02
OR
huaweiar150-s_firmwareMatchv200r006c10spc300
OR
huaweiar150-s_firmwareMatchv200r007c00spc900
OR
huaweiar160_firmwareMatchv200r006c10spc300
OR
huaweiar160_firmwareMatchv200r006c12
OR
huaweiar160_firmwareMatchv200r007c00spc900
OR
huaweiar160_firmwareMatchv200r007c02
OR
huaweiar200_firmwareMatchv200r006c10spc300
OR
huaweiar200_firmwareMatchv200r007c00spc900
OR
huaweiar200-s_firmwareMatchv200r006c10spc300
OR
huaweiar200-s_firmwareMatchv200r007c00spc900
OR
huaweiar2200_firmwareMatchv200r006c10spc300
OR
huaweiar2200_firmwareMatchv200r006c13
OR
huaweiar2200_firmwareMatchv200r006c16pwe
OR
huaweiar2200_firmwareMatchv200r007c00spc900
OR
huaweiar2200_firmwareMatchv200r007c02
OR
huaweiar2200-s_firmwareMatchv200r006c10spc300
OR
huaweiar2200-s_firmwareMatchv200r007c00spc900
OR
huaweiar2200-s_firmwareMatchv200r008c20spc800pwe
OR
huaweiar3200_firmwareMatchv200r006c10spc200
OR
huaweiar3200_firmwareMatchv200r006c11
OR
huaweiar3200_firmwareMatchv200r007c00
OR
huaweiar3200_firmwareMatchv200r007c02
OR
huaweiar3600_firmwareMatchv200r006c10spc300
OR
huaweiar3600_firmwareMatchv200r007c00spc900
OR
huaweiar510_firmwareMatchv200r006c12
OR
huaweiar510_firmwareMatchv200r006c13
OR
huaweiar510_firmwareMatchv200r006c15
OR
huaweiar510_firmwareMatchv200r006c16
OR
huaweiar510_firmwareMatchv200r006c17
OR
huaweiar510_firmwareMatchv200r007c00spc900
OR
huaweidbs3900_tdd_lte_firmwareMatchv100r003c00
OR
huaweidbs3900_tdd_lte_firmwareMatchv100r004c10
OR
huaweinetengine16ex_firmwareMatchv200r006c10spc300
OR
huaweinetengine16ex_firmwareMatchv200r007c00spc900
OR
huaweisrg1300_firmwareMatchv200r006c10spc300
OR
huaweisrg1300_firmwareMatchv200r007c00spc900
OR
huaweisrg1300_firmwareMatchv200r007c02
OR
huaweisrg2300_firmwareMatchv200r006c10spc300
OR
huaweisrg2300_firmwareMatchv200r007c00spc900
OR
huaweisrg2300_firmwareMatchv200r007c02
OR
huaweisrg3300_firmwareMatchv200r006c10spc300
OR
huaweisrg3300_firmwareMatchv200r007c00spc900
VendorProductVersionCPE
huaweiar120-s_firmwarev200r006c10spc300cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10spc300:*:*:*:*:*:*:*
huaweiar120-s_firmwarev200r007c00spc900cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r006c10spc300cpe:2.3:o:huawei:ar1200_firmware:v200r006c10spc300:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r006c13cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c00spc900cpe:2.3:o:huawei:ar1200_firmware:v200r007c00spc900:*:*:*:*:*:*:*
huaweiar1200_firmwarev200r007c02cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*
huaweiar1200-s_firmwarev200r006c10spc300cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10spc300:*:*:*:*:*:*:*
huaweiar1200-s_firmwarev200r007c00spc900cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00spc900:*:*:*:*:*:*:*
huaweiar1200-s_firmwarev200r008c20spc800pwecpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20spc800pwe:*:*:*:*:*:*:*
huaweiar150_firmwarev200r006c10spc300cpe:2.3:o:huawei:ar150_firmware:v200r006c10spc300:*:*:*:*:*:*:*
Rows per page:
1-10 of 541

Related

cve 1
openvas 1
nvd 1
cvelist 1
prion 1
cve
cve
CVE-2017-17160
2018-02-15 16:29:02
openvas
openvas
Huawei Data Communication: Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20171213-01-ike)
2020-06-25 00:00:00
nvd
nvd
CVE-2017-17160
2018-02-15 16:29:02
cvelist
cvelist
CVE-2017-17160
2018-02-15 16:00:00
prion
prion
Buffer overflow
2018-02-15 16:29:00

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.003

Percentile

69.5%

JSON
Related for HUAWEI-SA-20171213-01-IKE
cve1openvas1nvd1cvelist1prion1