Search criteria
54 vulnerabilities found for s2700_firmware by huawei
FKIE_CVE-2021-37129
Vulnerability from fkie_nvd - Published: 2021-10-27 01:15 - Updated: 2024-11-21 06:14
Severity ?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "60A9007D-D6AD-4DB9-A0AC-1E400AEC0884",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "A91B37BC-F4FD-499A-918E-6396251A0F5F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9D57DC59-B234-463F-8BBD-631B7EE9928C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC093ED-A979-4484-B758-1C16DF2D6030",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "8FEB99CA-7B73-4633-9F9C-9AF54B0A43FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "975CEC1E-D82C-45AD-B920-80961221C0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C9824CC2-7B77-4FD7-9509-49FA0D94AF4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "0442199D-AF21-44E8-B604-7D64129FD25D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "2836F054-A1CD-4B9C-9D4E-7DD198ED6004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ED767D-2826-4ECD-8C59-B688AC54B0CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c10spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "A630BDAD-C254-4107-9593-1E9FB415C138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B11D63D0-072D-4E44-B254-491974603C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r020c10:*:*:*:*:*:*:*",
"matchCriteriaId": "913DDCCC-0A91-458D-8A74-E4B9E9A71EC7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "0FCC64B5-1BB4-4A4B-983F-D1D986CA506E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "32CA1299-EA8A-4A24-96AA-DC3C5C3B9701",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "20386C76-4480-47ED-99AD-7ADBE41C3364",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "4676DA03-36A6-40B1-BA74-75260083D10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C4217C-0FBB-46BC-B108-F53A2AF259E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "744381A0-4E85-4F0C-881B-DF2F7E1DB186",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6D60424B-15CE-415E-8E6C-34E5DC52E6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "46FDAD12-710C-4FE1-950F-B57810649C16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "F402F7DA-6BDF-4C53-B33B-3D8FE1B14506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "238025D5-0E08-4708-BA6D-6E6560814525",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA552D9-B8ED-4DD9-B825-FDB42F7070E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "83AE1FCE-5E38-4436-96B9-57DE026BDE7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2F0768-EE4C-408B-8FDD-87CBC4970688",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "8030D59B-D7AC-4155-B23C-0E77603F9DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc700:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7D191A-1496-4A38-BD9B-4222A9CA31BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B4342AD2-7764-4447-9341-78DF30E20416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "37C57D09-618F-44B0-86A8-5BAC25CA486F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "CD82D614-9515-4A9C-B96A-2614DDADEB7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "B45A35D3-D5CE-40F1-ABC2-9A9E6FA8FE46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "234ED4C3-67B4-4B0E-8EA1-9A70CAAD2BCF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c20:*:*:*:*:*:*:*",
"matchCriteriaId": "31F8A14F-8956-493C-8062-EAB872AD0420",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escritura fuera de l\u00edmites en algunos productos de Huawei. La vulnerabilidad est\u00e1 causada por una funci\u00f3n de un m\u00f3dulo que no verifica correctamente el par\u00e1metro input. Una explotaci\u00f3n con \u00e9xito podr\u00eda causar una escritura fuera de l\u00edmites conllevando a una condici\u00f3n de denegaci\u00f3n de servicio. Las versiones de producto afectadas incluyen: M\u00f3dulo IPS V500R005C00,V500R005C20;M\u00f3dulo NGFW V500R005C00;NIP6600 V500R005C00,V500R005C20; S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10; S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600; S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20"
}
],
"id": "CVE-2021-37129",
"lastModified": "2024-11-21T06:14:42.100",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T01:15:07.763",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22329
Vulnerability from fkie_nvd - Published: 2021-06-29 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "BA273AD6-F7C0-49F3-A33F-E46B86168A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46ADD0-4DF7-4C87-88D6-46A2065DB5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB158E3E-8A26-415F-86E9-E63524EAA055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E146F90-3E3F-4F23-81C0-0C4F36293711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA8636-5936-4776-9DF2-1BD294796F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A843B78A-CDB1-45A0-BBAC-6F3D69AD84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "A59EDC82-83AD-408E-AA8E-15E221C3B009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "1A57254C-A4F0-47D2-8A1A-029E79BE863C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "225A56F2-2EEB-4816-9A20-7A6E37C65FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5093F9-8629-4DA5-AC3A-EE5FFD7A57AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "57E9C52D-0F60-41E5-8646-1F4D908CA82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2FFFE5-5B4E-4040-BE25-A90D77AB53FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "D31F91CA-80E9-4C2A-AD61-A4FC08C8A83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "52947109-38C8-41A2-BC59-B43EA2343F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "82E3273C-3C33-4880-A044-389F5CB6FECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749528C3-5F85-4B80-98AA-FFD5574779F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D4F8-67E0-4B10-9D16-F2282D3EDBED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "2091CE58-DB15-4D36-ABF9-5DC94D39E358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBC7227-051E-4244-9A63-760D0714DA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D42D4D0E-2E0D-448E-B83D-50A1361C048B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "90A601DF-D90C-43EB-8A56-3890CF0C252D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad en la administraci\u00f3n de licencias en algunos productos de Huawei. Un atacante con altos privilegios necesita llevar a cabo operaciones espec\u00edficas para explotar la vulnerabilidad en el dispositivo afectado. Debido a la administraci\u00f3n inapropiada de la licencia del dispositivo, como resultado, el archivo de licencia se puede aplicar y afectar a la integridad del dispositivo. Las versiones de producto afectadas son: S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10; S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100; S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10; S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
}
],
"id": "CVE-2021-22329",
"lastModified": "2024-11-21T05:49:55.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-29T20:15:08.083",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22377
Vulnerability from fkie_nvd - Published: 2021-06-22 19:15 - Updated: 2024-11-21 05:50
Severity ?
Summary
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | s12700_firmware | v200r019c00spc500 | |
| huawei | s12700 | - | |
| huawei | s2700_firmware | v200r019c00spc500 | |
| huawei | s2700 | - | |
| huawei | s5700_firmware | v200r019c00spc500 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r019c00spc500 | |
| huawei | s6700 | - | |
| huawei | s7700_firmware | v200r019c00spc500 | |
| huawei | s7700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "4A58127B-8ED8-49AD-83CE-AF95E221E092",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "547FFF0C-A572-40C6-849B-8FBEEF551062",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "35753856-3BE4-481C-8D49-077E51138633",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "32203724-9D88-4585-ABB5-78D474273794",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r019c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "613E1109-B921-4477-893D-179C1D1A6008",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de inyecci\u00f3n de comandos en S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 y S7700 V200R019C00SPC500. Un m\u00f3dulo no comprueba suficientemente la entrada espec\u00edfica. Los atacantes pueden explotar esta vulnerabilidad mediante el env\u00edo de par\u00e1metros maliciosos para inyectar el comando. Esto puede comprometer el servicio normal"
}
],
"id": "CVE-2021-22377",
"lastModified": "2024-11-21T05:50:00.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-06-22T19:15:07.953",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-22321
Vulnerability from fkie_nvd - Published: 2021-03-22 20:15 - Updated: 2024-11-21 05:49
Severity ?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "A26FE369-FDB8-4425-B51A-465A41FECE7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "D7EE3877-6344-466D-90B0-68CF4A53A256",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "BA273AD6-F7C0-49F3-A33F-E46B86168A98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0E46ADD0-4DF7-4C87-88D6-46A2065DB5B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB158E3E-8A26-415F-86E9-E63524EAA055",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "8E146F90-3E3F-4F23-81C0-0C4F36293711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "0A91097D-76DB-4E5D-B520-6BF22E73BEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "D085F205-5C80-4A34-89A9-54F9FB8F2F69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "69FA8636-5936-4776-9DF2-1BD294796F0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A843B78A-CDB1-45A0-BBAC-6F3D69AD84DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "A59EDC82-83AD-408E-AA8E-15E221C3B009",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "1A57254C-A4F0-47D2-8A1A-029E79BE863C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "225A56F2-2EEB-4816-9A20-7A6E37C65FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5093F9-8629-4DA5-AC3A-EE5FFD7A57AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "57E9C52D-0F60-41E5-8646-1F4D908CA82C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2FFFE5-5B4E-4040-BE25-A90D77AB53FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "17889C1C-0187-4814-940D-5BA6DDA39ECF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "D31F91CA-80E9-4C2A-AD61-A4FC08C8A83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "52947109-38C8-41A2-BC59-B43EA2343F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "82E3273C-3C33-4880-A044-389F5CB6FECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749528C3-5F85-4B80-98AA-FFD5574779F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D4F8-67E0-4B10-9D16-F2282D3EDBED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01b102:*:*:*:*:*:*:*",
"matchCriteriaId": "2091CE58-DB15-4D36-ABF9-5DC94D39E358",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBC7227-051E-4244-9A63-760D0714DA35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D42D4D0E-2E0D-448E-B83D-50A1361C048B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c00spc100:*:*:*:*:*:*:*",
"matchCriteriaId": "90A601DF-D90C-43EB-8A56-3890CF0C252D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "EDD7E147-B39E-4C6F-BA5F-F046F3AE4728",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "6EE084FC-27EB-4CE6-B529-508DA690C9D8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "ADB7FBB2-1CC6-4DA3-85AB-66562B0A9198",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AACFD2-9C9D-49E3-A911-0CF58F863EE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60:*:*:*:*:*:*:*",
"matchCriteriaId": "74B7C57C-7CD4-4FF0-BE51-2F4794FED7AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de uso de la memoria previamente liberada en un producto de Huawei.\u0026#xa0;Un m\u00f3dulo no puede tratar operaciones espec\u00edficas en escenarios especiales.\u0026#xa0;Los atacantes pueden explotar esta vulnerabilidad al realizar operaciones maliciosas.\u0026#xa0;Esto puede causar un uso de la memoria previamente liberada, comprometiendo el servicio normal.\u0026#xa0;Los productos afectados incluyen algunas versiones de NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700, S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 y USG9500"
}
],
"id": "CVE-2021-22321",
"lastModified": "2024-11-21T05:49:54.420",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-22T20:15:17.613",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-1866
Vulnerability from fkie_nvd - Published: 2021-01-13 23:15 - Updated: 2024-11-21 05:11
Severity ?
Summary
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| huawei | nip6800_firmware | v500r001c30 | |
| huawei | nip6800_firmware | v500r001c60spc500 | |
| huawei | nip6800_firmware | v500r005c00 | |
| huawei | nip6800 | - | |
| huawei | s12700_firmware | v200r008c00 | |
| huawei | s12700 | - | |
| huawei | s2700_firmware | v200r008c00 | |
| huawei | s2700 | - | |
| huawei | s5700_firmware | v200r008c00 | |
| huawei | s5700 | - | |
| huawei | s6700_firmware | v200r008c00 | |
| huawei | s6700 | - | |
| huawei | s7700_firmware | v200r008c00 | |
| huawei | s7700 | - | |
| huawei | s9700_firmware | v200r008c00 | |
| huawei | s9700 | - | |
| huawei | secospace_usg6600_firmware | v500r001c30spc200 | |
| huawei | secospace_usg6600_firmware | v500r001c30spc600 | |
| huawei | secospace_usg6600_firmware | v500r001c60spc500 | |
| huawei | secospace_usg6600_firmware | v500r005c00 | |
| huawei | secospace_usg6600 | - | |
| huawei | usg9500_firmware | v500r001c30spc300 | |
| huawei | usg9500_firmware | v500r001c30spc600 | |
| huawei | usg9500_firmware | v500r001c60spc500 | |
| huawei | usg9500_firmware | v500r005c00 | |
| huawei | usg9500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "4B3D681F-E141-4BB1-9437-8BFE286CB164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "C38F1E7A-0347-4E45-A0B6-CB8CE0D8A07E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6800_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FCA659-5DF8-44EA-91B6-A80FBB68322A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "875441DD-575F-4F4D-A6BD-23C38641D330",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc200:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA7BE1F-853E-4CBA-8A90-BAEA0BCC6A97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "B80E521E-1BFB-405E-9F8E-4A0734731FD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "5226BD96-2B00-469B-AADD-CD0541610BBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "391BFC6B-9AE6-49D7-855A-CB94AD1EE5C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc300:*:*:*:*:*:*:*",
"matchCriteriaId": "0C986370-A4E1-4EA0-BA3E-122F4D16D3F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30spc600:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2CDEF7-F8C8-482E-B43D-DB3F0CE010F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c60spc500:*:*:*:*:*:*:*",
"matchCriteriaId": "8A1EFB9D-5349-4EAF-9880-34F0D20011E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E961C6AA-400A-41CF-A230-FE7182875F1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de lectura fuera de l\u00edmites en varios productos.\u0026#xa0;El software lee los datos m\u00e1s all\u00e1 del final del b\u00fafer previsto cuando se analizan determinados mensajes DHCP dise\u00f1ados.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda causar un servicio anormal.\u0026#xa0;versiones afectadas de productos incluyen: NIP6800 versiones V500R001C30, V500R001C30,V500R001C60; SPC500 versiones V500R005C00; S12700 versiones V200R008C00; S2700 versiones V200R008C00; S5700 versiones V200R008C00; S6700 versiones V200R008C00; S7700 versiones V200R008C00; S9700 versiones V200R008C00; Secospace USG6600 versiones V500R001C30; SPC200 versiones V500R001C30; SPC600 versiones V500R001C60; SPC500 versiones V500R005C00; USG9500 versiones V500R001C30; SPC200 versiones V500R001C30; SPC600 versiones V500R001C60; SPC500 versiones V500R005C00; USG9500 versiones V500R001C30; SPC300 versiones V500R001C30; SPC600 versiones V500R001C60 y SPC500 versiones V500R005C00"
}
],
"id": "CVE-2020-1866",
"lastModified": "2024-11-21T05:11:30.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-13T23:15:13.367",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-19397
Vulnerability from fkie_nvd - Published: 2019-12-13 15:15 - Updated: 2024-11-21 04:34
Severity ?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c20:*:*:*:*:*:*:*",
"matchCriteriaId": "985C07E4-1E27-4191-9FB8-4714A177479D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC385D3-E82B-454B-A131-971F3B830EC9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC439F55-11AB-42D2-B891-C6C5D62FF5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r012c20:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8C93E3-C155-47D2-A927-D4D4F17BA494",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "193FCE7A-C793-446B-9C39-20597FA7BC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9461516A-F5BB-4A52-A315-8C2B559528A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1449504A-662C-403C-85AF-CCB5219CE976",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "CB33B908-085C-43C6-B8B7-25BBF3614C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2FEF0B-B4AC-4EDB-AD25-41F4F9DA1DAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "17CDA635-A9E7-4678-8970-22DFC028BAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r012c20:*:*:*:*:*:*:*",
"matchCriteriaId": "3B80F5B3-147A-46E3-9306-70052511A6D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c00:*:*:*:*:*:*:*",
"matchCriteriaId": "11F25342-CE07-44CD-BD61-A998DFC8EF8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA68BF50-9118-445D-B778-E60812E67B98",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D43F5AE6-A4CD-4C45-A8A4-D5B064FE7C27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1B299A06-5D99-43A8-ACF3-4D79174C536E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de algoritmo d\u00e9bil en algunos productos Huawei. Los productos afectados utilizan algoritmos d\u00e9biles por defecto. Los atacantes pueden explotar la vulnerabilidad para causar filtrados de informaci\u00f3n."
}
],
"id": "CVE-2019-19397",
"lastModified": "2024-11-21T04:34:43.150",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-13T15:15:11.113",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-5285
Vulnerability from fkie_nvd - Published: 2019-06-04 19:29 - Updated: 2024-11-21 04:44
Severity ?
Summary
Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D81469B-EC6C-493D-B632-4DF821A1F304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2C4C7-3438-42B8-8999-C17E45C8CF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6FF612-2F2B-4B75-8D97-86205DFCF0CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC385D3-E82B-454B-A131-971F3B830EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "33014F41-7B1B-4294-A862-45E2669AAAB3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3B7337-72AF-409A-9103-451622FB89AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "342E032C-BAE5-4F15-8BAE-84F9D9AA58D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BC439F55-11AB-42D2-B891-C6C5D62FF5F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D5EEEAA3-B534-48B7-ABBC-0E1BF3C0AC68",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1C6CC00C-1056-426B-9828-1A886F2C8D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C82DA6-8D95-45D2-B54C-CFE1AA9CC1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A40EFA43-E71F-464D-829C-8D4C60A57765",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1116C5A3-35F7-48A2-A68F-E299D0EA12F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "CD500740-A674-4B68-8AFA-26991B82AD2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDD6B48-17E7-4B2D-B86D-654B059A57B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D6A2FA-2ABE-41B3-BEF3-E835D6868E1F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "17566603-275F-4E6B-B5D9-4A716EEC03DC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AED7DFC5-846F-4F90-91A8-13E9E805C9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "193FCE7A-C793-446B-9C39-20597FA7BC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "20648023-4CC5-4606-BE8E-70A5C20D7BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1449504A-662C-403C-85AF-CCB5219CE976",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AC3443AF-478E-4043-9E72-5BBC0C88F13D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FD601FFF-E623-4ADC-B286-D11B8004D7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5EAEF900-7C8C-4569-B74B-A802F951CC47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5454BC21-A04F-4B3D-8533-2414B6E1BC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1E122468-50F4-4216-A8F9-04D4DCEC8BE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7B0C041-0B3F-441F-B98B-522FF7039C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "88DD2BD9-F4FE-4438-B792-4A02E6028B99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6279E671-644C-4EC6-A675-732BD0B389B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4907FBB8-5157-460D-9240-DD7D610C0FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "AFD7EF17-710B-4363-87B7-CE1B4447BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "17CDA635-A9E7-4678-8970-22DFC028BAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "71348C1D-8243-4585-B87A-AFE457700243",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "299234CD-AD78-4C53-8B7E-C0B22681ADB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7581063D-DFFB-49CE-8099-D39C52B9AAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B850D4D0-6444-44EE-9E1F-4A48931D7580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EFD0C771-7387-41B8-BDEF-20028013D145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "08E7A78F-7F37-41B8-BC9A-B3CC9DFFC671",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s600-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E02D610-AB78-476B-9049-FDB66D9E9907",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5C330A14-C941-4B28-AA9C-B78A96A9011D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C6818ECD-730B-40D6-9108-B8540CC4BF1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D5811970-FE82-4888-A01D-B356B5578296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "939C73D9-E0E9-47A5-970E-6C84F5ECD2D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CEE877-AF03-4A5B-84AA-8EB8067E04F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E5A9491C-AA2F-4E2F-8FB7-C6D6D653B343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "94D35430-7723-4277-BEE5-FC002465A521",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC7370E-7CD1-49DC-8B1E-779E269E8CCE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749B68B9-9F62-4E7A-AC86-F4073BA32E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FF4AF711-D921-4261-A459-2A0780EA951F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0C34E6D4-67FE-4AA4-A825-9666A302F771",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AA68BF50-9118-445D-B778-E60812E67B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "756F699B-4EA0-4A77-8068-CB25B99893EB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFADB02-AD16-4B58-AFF9-B659BDB3E025",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DFF0C0-AA17-4AA1-A418-4759D1A58852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D84F05D5-BA7D-485B-91C2-273349335CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "26F2CC30-626B-4FEE-BDAD-6A5990DE6384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D43F5AE6-A4CD-4C45-A8A4-D5B064FE7C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D48511A7-A013-4C34-8F4F-67289F3BD442",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7900_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "4B9B6C9C-9270-4904-895B-C60B15A1479E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7900_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3F50FCA7-107F-429E-BEC8-29A27AAEF3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7900_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "922C5EBF-C9BF-4363-AE3C-E30AD7060484",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECEBC19-EE35-471D-A062-1E6B33B40A02",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "473B6E52-E60F-4D3C-9028-E362DF2A8327",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0E7DB9D3-BB34-49BE-8302-A054D79FE8D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r008c10:*:*:*:*:*:*:*",
"matchCriteriaId": "0ACAD052-796D-428E-95B1-65099952B773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "701D6571-8708-4DB3-9021-ED48C5874503",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "B2420E92-C734-47C7-A5DC-A057553160B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DE905E-5CE3-42F6-B6E1-F57DC886C3C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9C42090D-C76E-48EC-BA54-BB39A489373D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD2EC926-50C6-4CBE-BB6F-56F3A6287DEE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9300x_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A20E2DAD-8579-49F0-AEA8-B5AF5DBD025F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300x_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1AB5D982-3C99-4FCF-B5ED-265C6CA287F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300x_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6A63DEED-6909-4E95-8F05-3EF7C268A224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9300x_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "C7098404-C4B7-4657-9FFB-7298C310684C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9300x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "808C627E-4D42-459B-BBE0-6FF8FF143D80",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "06AD9ACA-E0C3-4096-BE50-94E717CDA318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "325D6523-A07A-48D4-AD44-CF838BD77432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r011c10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B06663D-8499-42B9-83E1-E369F1FD0070",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r012c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1B299A06-5D99-43A8-ACF3-4D79174C536E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r013c00:*:*:*:*:*:*:*",
"matchCriteriaId": "88100CA8-11C0-4D63-ADD8-C01176B6CE3F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)"
},
{
"lang": "es",
"value": "Algunos conmutadores de la serie S de Huawei tienen una vulnerabilidad DoS. Un atacante remoto no autorizado puede enviar paquetes dise\u00f1ados al dispositivo afectado para aprovechar esta vulnerabilidad. Debido a una verificaci\u00f3n insuficiente de los paquetes, la operaci\u00f3n \u00e9xito puede provocar el reinicio del dispositivo y la condici\u00f3n de denegaci\u00f3n de servicio (DoS). (ID de vulnerabilidad: HWPSIRT-2019-03109)"
}
],
"id": "CVE-2019-5285",
"lastModified": "2024-11-21T04:44:40.310",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-06-04T19:29:00.477",
"references": [
{
"source": "psirt@huawei.com",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17250
Vulnerability from fkie_nvd - Published: 2018-03-09 17:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "D81E2517-263C-4B59-9D28-A3DE98289B24",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "4045CC4E-3B44-4E32-A04F-39C8572921B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7D76DA-E30F-4071-807B-DED30596CD45",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "C9A3CE39-6AC0-45E4-94B0-535AA92DAAF7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABEF8DE-D6CA-45DD-B10E-C3FFB5B82FE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*",
"matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "75A87025-03BE-4671-9687-85510E9AE4C3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "0325B983-F920-4006-8F3B-738B1B4EBEAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "01485D20-8F48-4D48-9242-95CD59069023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "272E6F06-9FAF-421B-8E87-7F1F1705B598",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE26EE9-2331-4D72-96CF-635A0A4EBE3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA6C55E-DF1F-475D-B1E9-C09CF8278276",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FCD9E893-609B-4C97-82E6-0651AEC39D14",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "34D96DF6-070E-44A1-837C-8690859960B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "29D01E86-0F60-4A99-8E48-15B0B0BF3678",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "B25185C6-3F8D-4D86-84D9-4D81A3DF5632",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r005c32:*:*:*:*:*:*:*",
"matchCriteriaId": "E586B837-E86A-4B3E-8701-3C92123F9FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash."
},
{
"lang": "es",
"value": "Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 tienen una vulnerabilidad de escritura fuera de l\u00edmites. Cuando un usuario ejecuta un comando de consulta cuando un dispositivo recibe un mensaje OSPF fuera de lo normal, el software escribe datos m\u00e1s all\u00e1 del final del b\u00fafer planeado debido a la verificaci\u00f3n insuficiente de los datos de entrada. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando mensajes OSPF anormales al dispositivo. Una explotaci\u00f3n exitosa podr\u00eda hacer que el dispositivo se cierre inesperadamente."
}
],
"id": "CVE-2017-17250",
"lastModified": "2024-11-21T03:17:42.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-09T17:29:01.547",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17135
Vulnerability from fkie_nvd - Published: 2018-03-05 19:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "84477B1C-413A-4F74-86DC-55E58AD07AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "80411236-6B22-4937-87F3-E06C991B14D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4B469A91-4CD0-44D2-A982-3E612B855E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B17A34EF-677D-4264-82FB-F7F582C9F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F69BC3-E6C0-4E70-AC13-D79D840579DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A3C92-C5C6-4BE6-A9F6-21C28D68C080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01A0EC8F-6A8A-487F-A92A-789E3789788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30s:*:*:*:*:*:*:*",
"matchCriteriaId": "18553F87-9928-4AE8-87D5-EB8014999E62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "686651A5-6F2F-4AF3-9B96-FF5905F2303A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB85A7-54F1-4726-9D9C-07CC35621C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492DABB3-66CF-47E9-92D4-518154559A7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D28E0627-0B19-4616-933E-76294F83813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C4071A-502F-46E4-80FF-C6647161A178",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45ED506D-5094-476B-83F0-CBBED04EF348",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "22007E6A-68FC-4AF4-A570-95873AFBF882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*",
"matchCriteriaId": "3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADEC8B2-CD7F-4246-88C0-E27B939829AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6208C34-D92D-4605-B4AF-6EA597CBA0F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service."
},
{
"lang": "es",
"value": "El m\u00f3dulo PEM de Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 tiene una vulnerabilidad de referencia de puntero null debido a la verificaci\u00f3n insuficiente. Un atacante local autenticado llama al descodificador PEM con un par\u00e1metro especial, lo que podr\u00eda provocar una denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2017-17135",
"lastModified": "2024-11-21T03:17:33.207",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-05T19:29:00.427",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17138
Vulnerability from fkie_nvd - Published: 2018-03-05 19:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a DoS vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing into deadloop by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "84477B1C-413A-4F74-86DC-55E58AD07AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "80411236-6B22-4937-87F3-E06C991B14D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4B469A91-4CD0-44D2-A982-3E612B855E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B17A34EF-677D-4264-82FB-F7F582C9F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F69BC3-E6C0-4E70-AC13-D79D840579DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A3C92-C5C6-4BE6-A9F6-21C28D68C080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01A0EC8F-6A8A-487F-A92A-789E3789788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30s:*:*:*:*:*:*:*",
"matchCriteriaId": "18553F87-9928-4AE8-87D5-EB8014999E62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "686651A5-6F2F-4AF3-9B96-FF5905F2303A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB85A7-54F1-4726-9D9C-07CC35621C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492DABB3-66CF-47E9-92D4-518154559A7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D28E0627-0B19-4616-933E-76294F83813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C4071A-502F-46E4-80FF-C6647161A178",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45ED506D-5094-476B-83F0-CBBED04EF348",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "22007E6A-68FC-4AF4-A570-95873AFBF882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*",
"matchCriteriaId": "3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADEC8B2-CD7F-4246-88C0-E27B939829AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6208C34-D92D-4605-B4AF-6EA597CBA0F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a DoS vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing into deadloop by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service."
},
{
"lang": "es",
"value": "El m\u00f3dulo PEM de DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 de Huawei tiene una vulnerabilidad de denegaci\u00f3n de servicio (DoS) debido a la verificaci\u00f3n insuficiente. Un atacante local autenticado puede provocar que el proceso entre en un deadloop mediante certificados maliciosos. El atacante puede explotar esta vulnerabilidad para provocar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2017-17138",
"lastModified": "2024-11-21T03:17:33.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-05T19:29:00.580",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17141
Vulnerability from fkie_nvd - Published: 2018-03-05 19:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. So successful exploit will result in memory leak of the affected products.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "7D81469B-EC6C-493D-B632-4DF821A1F304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D6F2C4C7-3438-42B8-8999-C17E45C8CF49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c20:*:*:*:*:*:*:*",
"matchCriteriaId": "985C07E4-1E27-4191-9FB8-4714A177479D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B17A34EF-677D-4264-82FB-F7F582C9F56B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v100r006c03:*:*:*:*:*:*:*",
"matchCriteriaId": "3EA85312-3C8F-4F1F-8138-1A091C453193",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9888DCAA-118C-4091-8425-8FBEE3AAABC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "AED7DFC5-846F-4F90-91A8-13E9E805C9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "193FCE7A-C793-446B-9C39-20597FA7BC70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00b050:*:*:*:*:*:*:*",
"matchCriteriaId": "339CF153-DF87-4522-8041-E4F65D67D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00spc009t:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD2B901-E5B8-4A6D-BDBD-804CECC27B23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00spc019t:*:*:*:*:*:*:*",
"matchCriteriaId": "DC14AAEC-0E25-4B32-9E12-5565B4BF8E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F69BC3-E6C0-4E70-AC13-D79D840579DB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s3700_firmware:v100r006c03:*:*:*:*:*:*:*",
"matchCriteriaId": "85611E3B-826E-4B8F-884B-C121DE4EECEB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s3700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7F84390-E120-406B-967D-B473EB110EA9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "336AA440-AEF4-482B-A037-8976DC38BA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "228D261C-DB88-4AEE-91D3-772DD28E4CDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2DE9FE-5EC9-462E-86F0-EE772C944DFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4907FBB8-5157-460D-9240-DD7D610C0FCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c02:*:*:*:*:*:*:*",
"matchCriteriaId": "2898D6C5-77AB-4C1F-8134-B2DBD13EDB81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F64CA8E2-AF04-42B3-8E26-2EF379703B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "CB33B908-085C-43C6-B8B7-25BBF3614C9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
"matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5B7B7285-F4C6-415C-A948-D7612750A77D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "9CD40F46-5E04-43F0-A2DB-0ACBEC92C53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4D6DC0AF-017E-41BC-A19D-F9AA055F5224",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "749B68B9-9F62-4E7A-AC86-F4073BA32E18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
"matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
"matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F49D3EAD-1EB3-4C62-80BA-4C9C3CE0408C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "65902ABB-3EF2-4C8B-BAC1-84BC585019BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D75B012-A57D-4C6D-AB26-51D2ECC02F35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B1DFF0C0-AA17-4AA1-A418-4759D1A58852",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D84F05D5-BA7D-485B-91C2-273349335CFB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FB3CC-2EAC-4A08-BDDC-DCACEE9FA2AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r006c01:*:*:*:*:*:*:*",
"matchCriteriaId": "345DA517-033D-4C94-A7F2-77C047309E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "D55C2AC7-FF47-4160-B524-E3E6C54612E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c06:*:*:*:*:*:*:*",
"matchCriteriaId": "C6712B77-1268-4A5A-B383-E51D9D51F108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A3C92-C5C6-4BE6-A9F6-21C28D68C080",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1F0B3D-1923-42C3-A3DB-03D11BE059D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r001c01:*:*:*:*:*:*:*",
"matchCriteriaId": "032E5E4D-B1B8-4659-8B62-3DC237234501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB6ED15-477B-4BB5-AA94-0D7897FBD962",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r003c00:*:*:*:*:*:*:*",
"matchCriteriaId": "06AD9ACA-E0C3-4096-BE50-94E717CDA318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r005c00:*:*:*:*:*:*:*",
"matchCriteriaId": "325D6523-A07A-48D4-AD44-CF838BD77432",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC7E622-010C-4C5D-8AA6-D4793AFCE0E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01A0EC8F-6A8A-487F-A92A-789E3789788F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 have a memory leak vulnerability. In some specific conditions, if attackers send specific malformed MPLS Service PING messages to the affected products, products do not release the memory when handling the packets. So successful exploit will result in memory leak of the affected products."
},
{
"lang": "es",
"value": "Huawei S12700 V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R007C20; V200R008C00; V200R009C00;S1700 V200R006C10; V200R009C00;S2700 V100R006C03; V200R003C00; V200R005C00; V200R006C00; V200R006C10; V200R007C00; V200R007C00B050; V200R007C00SPC009T; V200R007C00SPC019T; V200R008C00; V200R009C00;S3700 V100R006C03;S5700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R003C02; V200R005C00; V200R005C01; V200R005C02; V200R005C03; V200R006C00; V200R007C00; V200R008C00; V200R009C00;S6700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R005C01; V200R005C02; V200R008C00; V200R009C00;S7700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R006C01; V200R007C00; V200R007C01; V200R008C00; V200R008C06; V200R009C00;S9700 V200R001C00; V200R001C01; V200R002C00; V200R003C00; V200R005C00; V200R006C00; V200R007C00; V200R007C01; V200R008C00; V200R009C00 tienen una vulnerabilidad de filtrado de informaci\u00f3n. En algunas condiciones espec\u00edficas, si los atacantes env\u00edan mensajes PING MPLS Service especialmente mal formados a los productos afectados, estos no liberan la memoria al gestionar los paquetes. Por lo tanto, esto resulta en el filtrado de memoria de los productos afectados."
}
],
"id": "CVE-2017-17141",
"lastModified": "2024-11-21T03:17:34.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-05T19:29:00.737",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-mpls-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-mpls-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-772"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17137
Vulnerability from fkie_nvd - Published: 2018-03-05 19:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "84477B1C-413A-4F74-86DC-55E58AD07AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "80411236-6B22-4937-87F3-E06C991B14D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4B469A91-4CD0-44D2-A982-3E612B855E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B17A34EF-677D-4264-82FB-F7F582C9F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F69BC3-E6C0-4E70-AC13-D79D840579DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A3C92-C5C6-4BE6-A9F6-21C28D68C080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01A0EC8F-6A8A-487F-A92A-789E3789788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30s:*:*:*:*:*:*:*",
"matchCriteriaId": "18553F87-9928-4AE8-87D5-EB8014999E62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "686651A5-6F2F-4AF3-9B96-FF5905F2303A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB85A7-54F1-4726-9D9C-07CC35621C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492DABB3-66CF-47E9-92D4-518154559A7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D28E0627-0B19-4616-933E-76294F83813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C4071A-502F-46E4-80FF-C6647161A178",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45ED506D-5094-476B-83F0-CBBED04EF348",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "22007E6A-68FC-4AF4-A570-95873AFBF882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*",
"matchCriteriaId": "3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADEC8B2-CD7F-4246-88C0-E27B939829AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6208C34-D92D-4605-B4AF-6EA597CBA0F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service."
},
{
"lang": "es",
"value": "El m\u00f3dulo PEM de Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 tiene una vulnerabilidad de acceso a la memoria fuera de l\u00edmites debido a la verificaci\u00f3n insuficiente. Un atacante local autenticado puede provocar que el proceso se cierre inesperadamente mediante certificados maliciosos. El atacante puede explotar esta vulnerabilidad para provocar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2017-17137",
"lastModified": "2024-11-21T03:17:33.527",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-05T19:29:00.533",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-17136
Vulnerability from fkie_nvd - Published: 2018-03-05 19:29 - Updated: 2024-11-21 03:17
Severity ?
Summary
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a heap overflow vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "84477B1C-413A-4F74-86DC-55E58AD07AB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "80411236-6B22-4937-87F3-E06C991B14D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F46A81BE-C125-4CAE-8EE1-23177FE0C21E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "547D4A9A-6B57-4BBA-9FFE-CF50B9AC5DF4",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4B469A91-4CD0-44D2-A982-3E612B855E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2E0857-39E8-46C2-A723-9F09C052F2F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "946F5FF7-412F-40F9-A492-DE8E11E7B919",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8CA649-7AE1-497C-869B-B4DD315F342C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "67731A77-1DD4-49B2-B437-2850C9583750",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98275088-2FBE-42F4-AAEC-DF02950B803D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "10CBC93B-5CF6-45BF-A90A-84B7693E27FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4803A7-44B2-41BA-814D-151239B92CEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "BD4C5CC9-FD60-4C64-8F88-CFC71BBEA663",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B17A34EF-677D-4264-82FB-F7F582C9F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "933755CC-4A0B-42FB-9491-3C841059851D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "138C1E57-176C-46B1-9704-D9C8391CC802",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "410E8DAA-E961-46E1-96E2-3AC4B40D8359",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "F91DC34F-C000-4E51-A70E-38610D31AE53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "099E36B0-125F-4B3F-8D4A-01F8882CF53B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22FE26B5-C6D6-4A6C-8526-ED94F4F57C2C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1D26AA-09DF-49DA-930F-A2EAEA486361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "B6F69BC3-E6C0-4E70-AC13-D79D840579DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5561195B-7385-4175-9D29-77E95E4E9AB6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FA744621-893C-4F7E-80A1-66559BC6D6F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "91E52545-B12E-43EC-B132-28FA2E511316",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "2377CD30-6F57-46CB-9DD1-E29458A7D928",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "1D79CD09-3414-4105-AD59-F3D1BAC61B7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "FB2A3C92-C5C6-4BE6-A9F6-21C28D68C080",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "37E3F87E-EA36-41ED-8793-F6C166FFC4A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8769C2C4-E333-432B-8943-CFDFAE013379",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DAB13-32AA-4813-AB0A-0EA870F41183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*",
"matchCriteriaId": "38515A04-EC21-40B3-A29C-8D0A5883EA4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*",
"matchCriteriaId": "36AB80F7-1BD2-4169-AC70-708CE84BB15C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01A0EC8F-6A8A-487F-A92A-789E3789788F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*",
"matchCriteriaId": "0C6DC309-2FC6-4014-9C2B-8EE12C7BB08F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75FAA4BF-1ED0-4059-ADA1-071AF1BF2882",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4C996915-83A1-4EA5-A8E1-F609DA879D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "0A8AEAB1-6106-47A2-8207-67E557A8BF80",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C281B511-7A27-4FC6-9427-AE5AD7C302F3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "3189382E-6846-4713-A92F-ABD03683F4A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "627F40B6-8CD1-47EE-8937-F1FAAAB86F0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6E342-26E7-45DF-AC3F-EFEBAE3DDDF0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "E990766D-FBD4-404E-A783-3D2D0BC210F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30s:*:*:*:*:*:*:*",
"matchCriteriaId": "18553F87-9928-4AE8-87D5-EB8014999E62",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE469876-F873-4705-9760-097AE840A818",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "686651A5-6F2F-4AF3-9B96-FF5905F2303A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "DA3EF476-42D7-4758-8DCB-373F46BF1CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "9DEA387B-4F45-438F-8086-6E80B553163C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "018039EB-7265-4B71-B462-4734FD1D0503",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD87254-ABAD-4DFF-BC0D-2CF030063D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "931FD3B3-A333-4277-AE55-494F5DB9F09F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45C3AF58-E030-4E12-A2FD-A4337A5021ED",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF7A4D51-314B-4A77-86A7-9C5237BC4275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "A70F8924-DC80-4D6F-BA3E-DBFE32FED788",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4F188B3-0A63-4704-9B0D-F8DF5D973FA5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c02:*:*:*:*:*:*:*",
"matchCriteriaId": "60DB85A7-54F1-4726-9D9C-07CC35621C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*",
"matchCriteriaId": "092C9FAF-8892-4E16-9C0E-BB1E3488C6C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "01BC9042-0485-437F-811F-F8898B3B7EA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*",
"matchCriteriaId": "4A29049D-F472-4772-8750-20730DA624E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "999117E9-90C8-4E76-90B5-7D364C0B84BF",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "73EB0020-7162-4E3C-8E6B-D2FF8D7ECF36",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*",
"matchCriteriaId": "492DABB3-66CF-47E9-92D4-518154559A7C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*",
"matchCriteriaId": "D28E0627-0B19-4616-933E-76294F83813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C4071A-502F-46E4-80FF-C6647161A178",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*",
"matchCriteriaId": "45ED506D-5094-476B-83F0-CBBED04EF348",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*",
"matchCriteriaId": "22007E6A-68FC-4AF4-A570-95873AFBF882",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*",
"matchCriteriaId": "80F14B3F-EA8C-4A01-9968-08ECACDA6CBD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6064BB-5E62-4D70-B933-05B5426EEE9C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*",
"matchCriteriaId": "3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*",
"matchCriteriaId": "0ADEC8B2-CD7F-4246-88C0-E27B939829AB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F6208C34-D92D-4605-B4AF-6EA597CBA0F2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a heap overflow vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service."
},
{
"lang": "es",
"value": "El m\u00f3dulo PEM de Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 tiene una vulnerabilidad de referencia de puntero null debido a la verificaci\u00f3n insuficiente. Un atacante local autenticado puede provocar que el proceso se cierre inesperadamente mediante certificados maliciosos. El atacante puede explotar esta vulnerabilidad para provocar una denegaci\u00f3n de servicio."
}
],
"id": "CVE-2017-17136",
"lastModified": "2024-11-21T03:17:33.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-03-05T19:29:00.487",
"references": [
{
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
],
"sourceIdentifier": "psirt@huawei.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-37129 (GCVE-0-2021-37129)
Vulnerability from cvelistv5 – Published: 2021-10-27 00:41 – Updated: 2024-08-04 01:16
VLAI?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 |
Affected:
V500R005C00,V500R005C20
Affected: V500R005C00 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00,V500R005C20"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:41:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V500R005C00,V500R005C20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37129",
"datePublished": "2021-10-27T00:41:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22329 (GCVE-0-2021-22329)
Vulnerability from cvelistv5 – Published: 2021-06-29 19:05 – Updated: 2024-08-03 18:37
VLAI?
Summary
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
Severity ?
No CVSS data available.
CWE
- Improper Licenses Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S1700;S2700;S5700;S6700;S7700;S9700 |
Affected:
V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10
Affected: V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Licenses Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:05:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"version": {
"version_data": [
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Licenses Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22329",
"datePublished": "2021-06-29T19:05:31",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22377 (GCVE-0-2021-22377)
Vulnerability from cvelistv5 – Published: 2021-06-22 18:10 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
Severity ?
No CVSS data available.
CWE
- Command Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S2700;S5700;S6700;S7700 |
Affected:
V200R019C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S2700;S5700;S6700;S7700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T18:10:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S2700;S5700;S6700;S7700",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22377",
"datePublished": "2021-06-22T18:10:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22321 (GCVE-0-2021-22321)
Vulnerability from cvelistv5 – Published: 2021-03-22 19:03 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60
Affected: V500R001C30 Affected: V500R001C60 Affected: V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T19:03:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22321",
"datePublished": "2021-03-22T19:03:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1866 (GCVE-0-2020-1866)
Vulnerability from cvelistv5 – Published: 2021-01-13 22:22 – Updated: 2024-08-04 06:53
VLAI?
Summary
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60SPC500,V500R005C00
Affected: V200R008C00 Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 Affected: V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T22:22:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1866",
"datePublished": "2021-01-13T22:22:04",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19397 (GCVE-0-2019-19397)
Vulnerability from cvelistv5 – Published: 2019-12-13 14:19 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.
Severity ?
No CVSS data available.
CWE
- Weak Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S1700;S2700;S5700;S6700;S7700;S9700 |
Affected:
V200R007C00
Affected: V200R007C01 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R010C00 Affected: V200R011C10 Affected: V200R012C00 Affected: V200R006C10 Affected: V200R012C20 Affected: V200R006C00 Affected: V200R011C00 Affected: V200R005C00 Affected: V200R005C02 Affected: V200R005C03 Affected: V200R005C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R010C00"
},
{
"status": "affected",
"version": "V200R011C10"
},
{
"status": "affected",
"version": "V200R012C00"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R012C20"
},
{
"status": "affected",
"version": "V200R006C00"
},
{
"status": "affected",
"version": "V200R011C00"
},
{
"status": "affected",
"version": "V200R005C00"
},
{
"status": "affected",
"version": "V200R005C02"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R005C01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T14:19:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"version": {
"version_data": [
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "V200R011C10"
},
{
"version_value": "V200R012C00"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R012C20"
},
{
"version_value": "V200R006C00"
},
{
"version_value": "V200R011C00"
},
{
"version_value": "V200R005C00"
},
{
"version_value": "V200R005C02"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R005C01"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en",
"refsource": "MISC",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19397",
"datePublished": "2019-12-13T14:19:12",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5285 (GCVE-0-2019-5285)
Vulnerability from cvelistv5 – Published: 2019-06-04 18:47 – Updated: 2024-08-04 19:54
VLAI?
Summary
Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)
Severity ?
No CVSS data available.
CWE
- DoS
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei | S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700 |
Affected:
S12700 V200R008C00
Affected: S12700 V200R010C00 Affected: S12700 V200R012C00 Affected: S12700 V200R013C00 Affected: S12700 V200R011C10 Affected: S1700 V200R008C00 Affected: S1700 V200R009C00 Affected: S1700 V200R010C00 Affected: S1700 V200R011C10 Affected: S2300 V200R003C00 Affected: S2300 V200R005C00 Affected: S2300 V200R008C00 Affected: S2300 V200R010C00 Affected: S2300 V200R011C10 Affected: S2300 V200R012C00 Affected: S2300 V200R013C00 Affected: S2700 V200R005C00 Affected: S2700 V200R006C00 Affected: S2700 V200R007C00 Affected: S2700 V200R008C00 Affected: S2700 V200R010C00 Affected: S2700 V200R011C10 Affected: S2700 V200R012C00 Affected: S2700 V200R013C00 Affected: S5300 V200R003C00 Affected: S5300 V200R005C00 Affected: S5300 V200R008C00 Affected: S5300 V200R010C00 Affected: S5300 V200R011C10 Affected: S5300 V200R012C00 Affected: S5700 V200R006C00 Affected: S5700 V200R007C00 Affected: S5700 V200R008C00 Affected: S5700 V200R010C00 Affected: S5700 V200R011C10 Affected: S5700 V200R012C00 Affected: S5700 V200R013C00 Affected: S600-E V200R008C00 Affected: S600-E V200R010C00 Affected: S600-E V200R011C10 Affected: S600-E V200R012C00 Affected: S600-E V200R013C00 Affected: S6300 V200R003C00 Affected: S6300 V200R005C00 Affected: S6300 V200R007C00 Affected: S6300 V200R008C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:52.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "S12700 V200R008C00"
},
{
"status": "affected",
"version": "S12700 V200R010C00"
},
{
"status": "affected",
"version": "S12700 V200R012C00"
},
{
"status": "affected",
"version": "S12700 V200R013C00"
},
{
"status": "affected",
"version": "S12700 V200R011C10"
},
{
"status": "affected",
"version": "S1700 V200R008C00"
},
{
"status": "affected",
"version": "S1700 V200R009C00"
},
{
"status": "affected",
"version": "S1700 V200R010C00"
},
{
"status": "affected",
"version": "S1700 V200R011C10"
},
{
"status": "affected",
"version": "S2300 V200R003C00"
},
{
"status": "affected",
"version": "S2300 V200R005C00"
},
{
"status": "affected",
"version": "S2300 V200R008C00"
},
{
"status": "affected",
"version": "S2300 V200R010C00"
},
{
"status": "affected",
"version": "S2300 V200R011C10"
},
{
"status": "affected",
"version": "S2300 V200R012C00"
},
{
"status": "affected",
"version": "S2300 V200R013C00"
},
{
"status": "affected",
"version": "S2700 V200R005C00"
},
{
"status": "affected",
"version": "S2700 V200R006C00"
},
{
"status": "affected",
"version": "S2700 V200R007C00"
},
{
"status": "affected",
"version": "S2700 V200R008C00"
},
{
"status": "affected",
"version": "S2700 V200R010C00"
},
{
"status": "affected",
"version": "S2700 V200R011C10"
},
{
"status": "affected",
"version": "S2700 V200R012C00"
},
{
"status": "affected",
"version": "S2700 V200R013C00"
},
{
"status": "affected",
"version": "S5300 V200R003C00"
},
{
"status": "affected",
"version": "S5300 V200R005C00"
},
{
"status": "affected",
"version": "S5300 V200R008C00"
},
{
"status": "affected",
"version": "S5300 V200R010C00"
},
{
"status": "affected",
"version": "S5300 V200R011C10"
},
{
"status": "affected",
"version": "S5300 V200R012C00"
},
{
"status": "affected",
"version": "S5700 V200R006C00"
},
{
"status": "affected",
"version": "S5700 V200R007C00"
},
{
"status": "affected",
"version": "S5700 V200R008C00"
},
{
"status": "affected",
"version": "S5700 V200R010C00"
},
{
"status": "affected",
"version": "S5700 V200R011C10"
},
{
"status": "affected",
"version": "S5700 V200R012C00"
},
{
"status": "affected",
"version": "S5700 V200R013C00"
},
{
"status": "affected",
"version": "S600-E V200R008C00"
},
{
"status": "affected",
"version": "S600-E V200R010C00"
},
{
"status": "affected",
"version": "S600-E V200R011C10"
},
{
"status": "affected",
"version": "S600-E V200R012C00"
},
{
"status": "affected",
"version": "S600-E V200R013C00"
},
{
"status": "affected",
"version": "S6300 V200R003C00"
},
{
"status": "affected",
"version": "S6300 V200R005C00"
},
{
"status": "affected",
"version": "S6300 V200R007C00"
},
{
"status": "affected",
"version": "S6300 V200R008C00"
}
]
}
],
"datePublic": "2019-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-26T10:06:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700",
"version": {
"version_data": [
{
"version_value": "S12700 V200R008C00"
},
{
"version_value": "S12700 V200R010C00"
},
{
"version_value": "S12700 V200R012C00"
},
{
"version_value": "S12700 V200R013C00"
},
{
"version_value": "S12700 V200R011C10"
},
{
"version_value": "S1700 V200R008C00"
},
{
"version_value": "S1700 V200R009C00"
},
{
"version_value": "S1700 V200R010C00"
},
{
"version_value": "S1700 V200R011C10"
},
{
"version_value": "S2300 V200R003C00"
},
{
"version_value": "S2300 V200R005C00"
},
{
"version_value": "S2300 V200R008C00"
},
{
"version_value": "S2300 V200R010C00"
},
{
"version_value": "S2300 V200R011C10"
},
{
"version_value": "S2300 V200R012C00"
},
{
"version_value": "S2300 V200R013C00"
},
{
"version_value": "S2700 V200R005C00"
},
{
"version_value": "S2700 V200R006C00"
},
{
"version_value": "S2700 V200R007C00"
},
{
"version_value": "S2700 V200R008C00"
},
{
"version_value": "S2700 V200R010C00"
},
{
"version_value": "S2700 V200R011C10"
},
{
"version_value": "S2700 V200R012C00"
},
{
"version_value": "S2700 V200R013C00"
},
{
"version_value": "S5300 V200R003C00"
},
{
"version_value": "S5300 V200R005C00"
},
{
"version_value": "S5300 V200R008C00"
},
{
"version_value": "S5300 V200R010C00"
},
{
"version_value": "S5300 V200R011C10"
},
{
"version_value": "S5300 V200R012C00"
},
{
"version_value": "S5700 V200R006C00"
},
{
"version_value": "S5700 V200R007C00"
},
{
"version_value": "S5700 V200R008C00"
},
{
"version_value": "S5700 V200R010C00"
},
{
"version_value": "S5700 V200R011C10"
},
{
"version_value": "S5700 V200R012C00"
},
{
"version_value": "S5700 V200R013C00"
},
{
"version_value": "S600-E V200R008C00"
},
{
"version_value": "S600-E V200R010C00"
},
{
"version_value": "S600-E V200R011C10"
},
{
"version_value": "S600-E V200R012C00"
},
{
"version_value": "S600-E V200R013C00"
},
{
"version_value": "S6300 V200R003C00"
},
{
"version_value": "S6300 V200R005C00"
},
{
"version_value": "S6300 V200R007C00"
},
{
"version_value": "S6300 V200R008C00"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5285",
"datePublished": "2019-06-04T18:47:35",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:52.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17250 (GCVE-0-2017-17250)
Vulnerability from cvelistv5 – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash.
Severity ?
No CVSS data available.
CWE
- out-of-bounds write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200-S; AR3200; AR510; NetEngine16EX; SRG1300; SRG2300; SRG3300 |
Affected:
AR120-S V200R005C32
Affected: AR1200 V200R005C32 Affected: AR1200-S V200R005C32 Affected: AR150 V200R005C32 Affected: AR150-S V200R005C32 Affected: AR160 V200R005C32 Affected: AR200 V200R005C32 Affected: AR200-S V200R005C32 Affected: AR2200-S V200R005C32 Affected: AR3200 V200R005C32 Affected: V200R007C00 Affected: AR510 V200R005C32 Affected: NetEngine16EX V200R005C32 Affected: SRG1300 V200R005C32 Affected: SRG2300 V200R005C32 Affected: SRG3300 V200R005C32 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200-S; AR3200; AR510; NetEngine16EX; SRG1300; SRG2300; SRG3300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R005C32"
},
{
"status": "affected",
"version": "AR1200 V200R005C32"
},
{
"status": "affected",
"version": "AR1200-S V200R005C32"
},
{
"status": "affected",
"version": "AR150 V200R005C32"
},
{
"status": "affected",
"version": "AR150-S V200R005C32"
},
{
"status": "affected",
"version": "AR160 V200R005C32"
},
{
"status": "affected",
"version": "AR200 V200R005C32"
},
{
"status": "affected",
"version": "AR200-S V200R005C32"
},
{
"status": "affected",
"version": "AR2200-S V200R005C32"
},
{
"status": "affected",
"version": "AR3200 V200R005C32"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "AR510 V200R005C32"
},
{
"status": "affected",
"version": "NetEngine16EX V200R005C32"
},
{
"status": "affected",
"version": "SRG1300 V200R005C32"
},
{
"status": "affected",
"version": "SRG2300 V200R005C32"
},
{
"status": "affected",
"version": "SRG3300 V200R005C32"
}
]
}
],
"datePublic": "2018-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200-S; AR3200; AR510; NetEngine16EX; SRG1300; SRG2300; SRG3300",
"version": {
"version_data": [
{
"version_value": "AR120-S V200R005C32"
},
{
"version_value": "AR1200 V200R005C32"
},
{
"version_value": "AR1200-S V200R005C32"
},
{
"version_value": "AR150 V200R005C32"
},
{
"version_value": "AR150-S V200R005C32"
},
{
"version_value": "AR160 V200R005C32"
},
{
"version_value": "AR200 V200R005C32"
},
{
"version_value": "AR200-S V200R005C32"
},
{
"version_value": "AR2200-S V200R005C32"
},
{
"version_value": "AR3200 V200R005C32"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "AR510 V200R005C32"
},
{
"version_value": "NetEngine16EX V200R005C32"
},
{
"version_value": "SRG1300 V200R005C32"
},
{
"version_value": "SRG2300 V200R005C32"
},
{
"version_value": "SRG3300 V200R005C32"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17250",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17135 (GCVE-0-2017-17135)
Vulnerability from cvelistv5 – Published: 2018-03-05 19:00 – Updated: 2024-09-17 00:31
VLAI?
Summary
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service.
Severity ?
No CVSS data available.
CWE
- null pointer reference
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030 |
Affected:
DP300 V500R002C00
Affected: IPS Module V500R001C00 Affected: V500R001C30 Affected: NGFW Module V500R001C00 Affected: V500R002C00 Affected: NIP6300 V500R001C00 Affected: NIP6600 V500R001C00 Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: S12700 V200R007C00 Affected: V200R007C01 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00 Affected: S1700 V200R006C10 Affected: S2700 V200R006C10 Affected: V200R007C00 Affected: S5700 V200R006C00 Affected: S6700 V200R008C00 Affected: S7700 V200R007C00 Affected: S9700 V200R007C00 Affected: Secospace USG6300 V500R001C00 Affected: Secospace USG6500 V500R001C00 Affected: Secospace USG6600 V500R001C00 Affected: V500R001C30S Affected: TE30 V100R001C02 Affected: V100R001C10 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C01 Affected: TP3106 V100R002C00 Affected: TP3206 V100R002C00 Affected: V100R002C10 Affected: USG9500 V500R001C00 Affected: ViewPoint 9030 V100R011C02 Affected: V100R011C03 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "DP300 V500R002C00"
},
{
"status": "affected",
"version": "IPS Module V500R001C00"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "NGFW Module V500R001C00"
},
{
"status": "affected",
"version": "V500R002C00"
},
{
"status": "affected",
"version": "NIP6300 V500R001C00"
},
{
"status": "affected",
"version": "NIP6600 V500R001C00"
},
{
"status": "affected",
"version": "RP200 V500R002C00"
},
{
"status": "affected",
"version": "V600R006C00"
},
{
"status": "affected",
"version": "S12700 V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R009C00"
},
{
"status": "affected",
"version": "V200R010C00"
},
{
"status": "affected",
"version": "S1700 V200R006C10"
},
{
"status": "affected",
"version": "S2700 V200R006C10"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "S5700 V200R006C00"
},
{
"status": "affected",
"version": "S6700 V200R008C00"
},
{
"status": "affected",
"version": "S7700 V200R007C00"
},
{
"status": "affected",
"version": "S9700 V200R007C00"
},
{
"status": "affected",
"version": "Secospace USG6300 V500R001C00"
},
{
"status": "affected",
"version": "Secospace USG6500 V500R001C00"
},
{
"status": "affected",
"version": "Secospace USG6600 V500R001C00"
},
{
"status": "affected",
"version": "V500R001C30S"
},
{
"status": "affected",
"version": "TE30 V100R001C02"
},
{
"status": "affected",
"version": "V100R001C10"
},
{
"status": "affected",
"version": "TE40 V500R002C00"
},
{
"status": "affected",
"version": "TE50 V500R002C00"
},
{
"status": "affected",
"version": "TE60 V100R001C01"
},
{
"status": "affected",
"version": "TP3106 V100R002C00"
},
{
"status": "affected",
"version": "TP3206 V100R002C00"
},
{
"status": "affected",
"version": "V100R002C10"
},
{
"status": "affected",
"version": "USG9500 V500R001C00"
},
{
"status": "affected",
"version": "ViewPoint 9030 V100R011C02"
},
{
"status": "affected",
"version": "V100R011C03"
}
]
}
],
"datePublic": "2017-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "null pointer reference",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-05T18:57:02",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"DATE_PUBLIC": "2017-12-06T00:00:00",
"ID": "CVE-2017-17135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030",
"version": {
"version_data": [
{
"version_value": "DP300 V500R002C00"
},
{
"version_value": "IPS Module V500R001C00"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "NGFW Module V500R001C00"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "NIP6300 V500R001C00"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "NIP6600 V500R001C00"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "RP200 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "S12700 V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "S1700 V200R006C10"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "S2700 V200R006C10"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "S5700 V200R006C00"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "S6700 V200R008C00"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "S7700 V200R007C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "S9700 V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R009C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "Secospace USG6300 V500R001C00"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "Secospace USG6500 V500R001C00"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "Secospace USG6600 V500R001C00"
},
{
"version_value": "V500R001C30S"
},
{
"version_value": "TE30 V100R001C02"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE40 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE50 V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TE60 V100R001C01"
},
{
"version_value": "V100R001C10"
},
{
"version_value": "V500R002C00"
},
{
"version_value": "V600R006C00"
},
{
"version_value": "TP3106 V100R002C00"
},
{
"version_value": "TP3206 V100R002C00"
},
{
"version_value": "V100R002C10"
},
{
"version_value": "USG9500 V500R001C00"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "ViewPoint 9030 V100R011C02"
},
{
"version_value": "V100R011C03"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer reference"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17135",
"datePublished": "2018-03-05T19:00:00Z",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-09-17T00:31:13.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-37129 (GCVE-0-2021-37129)
Vulnerability from nvd – Published: 2021-10-27 00:41 – Updated: 2024-08-04 01:16
VLAI?
Summary
There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500 |
Affected:
V500R005C00,V500R005C20
Affected: V500R005C00 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10 Affected: V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500 Affected: V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:16:03.167Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R005C00,V500R005C20"
},
{
"status": "affected",
"version": "V500R005C00"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"status": "affected",
"version": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T00:41:44",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-37129",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "IIPS Module;NGFW Module;NIP6600;S12700;S1700;S2700;S5700;S6700;S7700;S9700;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V500R005C00"
},
{
"version_value": "V500R005C00,V500R005C20"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600"
},
{
"version_value": "V500R005C00,V500R005C20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out of bounds write vulnerability in some Huawei products. The vulnerability is caused by a function of a module that does not properly verify input parameter. Successful exploit could cause out of bounds write leading to a denial of service condition.Affected product versions include:IPS Module V500R005C00,V500R005C20;NGFW Module V500R005C00;NIP6600 V500R005C00,V500R005C20;S12700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600,V200R013C00SPC500,V200R019C00SPC200,V200R019C00SPC500,V200R019C10SPC200,V200R020C00,V200R020C10;S1700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S2700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S5700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600,V200R019C00SPC500;S6700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;S7700 V200R010C00SPC600,V200R010C00SPC700,V200R011C10SPC500,V200R011C10SPC600;S9700 V200R010C00SPC600,V200R011C10SPC500,V200R011C10SPC600;USG9500 V500R005C00,V500R005C20."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20211020-01-outofwrite-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-37129",
"datePublished": "2021-10-27T00:41:44",
"dateReserved": "2021-07-20T00:00:00",
"dateUpdated": "2024-08-04T01:16:03.167Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22329 (GCVE-0-2021-22329)
Vulnerability from nvd – Published: 2021-06-29 19:05 – Updated: 2024-08-03 18:37
VLAI?
Summary
There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10.
Severity ?
No CVSS data available.
CWE
- Improper Licenses Management
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S1700;S2700;S5700;S6700;S7700;S9700 |
Affected:
V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10
Affected: V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.594Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper Licenses Management",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T19:05:31",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"version": {
"version_data": [
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There has a license management vulnerability in some Huawei products. An attacker with high privilege needs to perform specific operations to exploit the vulnerability on the affected device. Due to improper license management of the device, as a result, the license file can be applied and affect integrity of the device. Affected product versions include:S12700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S1700 V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S2700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S5700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S6700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100;S7700 V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10;S9700 V200R007C01,V200R007C01B102,V200R008C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Licenses Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210407-01-resourcemanagement-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22329",
"datePublished": "2021-06-29T19:05:31",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22377 (GCVE-0-2021-22377)
Vulnerability from nvd – Published: 2021-06-22 18:10 – Updated: 2024-08-03 18:44
VLAI?
Summary
There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service.
Severity ?
No CVSS data available.
CWE
- Command Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S2700;S5700;S6700;S7700 |
Affected:
V200R019C00SPC500
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:44:12.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S2700;S5700;S6700;S7700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R019C00SPC500"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-22T18:10:10",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S2700;S5700;S6700;S7700",
"version": {
"version_data": [
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
},
{
"version_value": "V200R019C00SPC500"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious parameters to inject command. This can compromise normal service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210602-01-cmdinj-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22377",
"datePublished": "2021-06-22T18:10:10",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:44:12.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-22321 (GCVE-0-2021-22321)
Vulnerability from nvd – Published: 2021-03-22 19:03 – Updated: 2024-08-03 18:37
VLAI?
Summary
There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500.
Severity ?
No CVSS data available.
CWE
- Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60
Affected: V500R001C30 Affected: V500R001C60 Affected: V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10 Affected: V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T18:37:18.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60"
},
{
"status": "affected",
"version": "V500R001C30"
},
{
"status": "affected",
"version": "V500R001C60"
},
{
"status": "affected",
"version": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"status": "affected",
"version": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use After Free",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-22T19:03:52",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2021-22321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6600;NIP6800;S12700;S1700;S2700;S5700;S6700;S7700;S9700;Secospace USG6300;Secospace USG6500;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30"
},
{
"version_value": "V500R001C60"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R009C00SPC200,V200R009C00SPC500,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10,V200R011C10SPC100"
},
{
"version_value": "V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V200R007C01,V200R007C01B102,V200R008C00,V200R010C00,V200R010C00SPC300,V200R011C00,V200R011C00SPC100,V200R011C10"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
},
{
"version_value": "V500R001C30,V500R001C60"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a use-after-free vulnerability in a Huawei product. A module cannot deal with specific operations in special scenarios. Attackers can exploit this vulnerability by performing malicious operations. This can cause memory use-after-free, compromising normal service. Affected product include some versions of NIP6300, NIP6600, NIP6800, S1700, S2700, S5700, S6700 , S7700, S9700, Secospace USG6300, Secospace USG6500, Secospace USG6600 and USG9500."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20210210-01-uaf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2021-22321",
"datePublished": "2021-03-22T19:03:52",
"dateReserved": "2021-01-05T00:00:00",
"dateUpdated": "2024-08-03T18:37:18.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-1866 (GCVE-0-2020-1866)
Vulnerability from nvd – Published: 2021-01-13 22:22 – Updated: 2024-08-04 06:53
VLAI?
Summary
There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00.
Severity ?
No CVSS data available.
CWE
- Out of Bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500 |
Affected:
V500R001C30,V500R001C60SPC500,V500R005C00
Affected: V200R008C00 Affected: V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 Affected: V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:53:59.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"status": "affected",
"version": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds Read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-13T22:22:04",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2020-1866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "NIP6800;S12700;S2700;S5700;S6700;S7700;S9700;Secospace USG6600;USG9500",
"version": {
"version_data": [
{
"version_value": "V500R001C30,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
},
{
"version_value": "V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is an out-of-bounds read vulnerability in several products. The software reads data past the end of the intended buffer when parsing certain crafted DHCP messages. Successful exploit could cause certain service abnormal. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500,V500R005C00;S12700 versions V200R008C00;S2700 versions V200R008C00;S5700 versions V200R008C00;S6700 versions V200R008C00;S7700 versions V200R008C00;S9700 versions V200R008C00;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500,V500R005C00;USG9500 versions V500R001C30SPC300,V500R001C30SPC600,V500R001C60SPC500,V500R005C00."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en",
"refsource": "MISC",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200122-09-eudemon-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2020-1866",
"datePublished": "2021-01-13T22:22:04",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-04T06:53:59.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19397 (GCVE-0-2019-19397)
Vulnerability from nvd – Published: 2019-12-13 14:19 – Updated: 2024-08-05 02:16
VLAI?
Summary
There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks.
Severity ?
No CVSS data available.
CWE
- Weak Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | S12700;S1700;S2700;S5700;S6700;S7700;S9700 |
Affected:
V200R007C00
Affected: V200R007C01 Affected: V200R007C20 Affected: V200R008C00 Affected: V200R010C00 Affected: V200R011C10 Affected: V200R012C00 Affected: V200R006C10 Affected: V200R012C20 Affected: V200R006C00 Affected: V200R011C00 Affected: V200R005C00 Affected: V200R005C02 Affected: V200R005C03 Affected: V200R005C01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:16:47.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "V200R007C01"
},
{
"status": "affected",
"version": "V200R007C20"
},
{
"status": "affected",
"version": "V200R008C00"
},
{
"status": "affected",
"version": "V200R010C00"
},
{
"status": "affected",
"version": "V200R011C10"
},
{
"status": "affected",
"version": "V200R012C00"
},
{
"status": "affected",
"version": "V200R006C10"
},
{
"status": "affected",
"version": "V200R012C20"
},
{
"status": "affected",
"version": "V200R006C00"
},
{
"status": "affected",
"version": "V200R011C00"
},
{
"status": "affected",
"version": "V200R005C00"
},
{
"status": "affected",
"version": "V200R005C02"
},
{
"status": "affected",
"version": "V200R005C03"
},
{
"status": "affected",
"version": "V200R005C01"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Weak Algorithm",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-13T14:19:12",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-19397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700;S1700;S2700;S5700;S6700;S7700;S9700",
"version": {
"version_data": [
{
"version_value": "V200R007C00"
},
{
"version_value": "V200R007C01"
},
{
"version_value": "V200R007C20"
},
{
"version_value": "V200R008C00"
},
{
"version_value": "V200R010C00"
},
{
"version_value": "V200R011C10"
},
{
"version_value": "V200R012C00"
},
{
"version_value": "V200R006C10"
},
{
"version_value": "V200R012C20"
},
{
"version_value": "V200R006C00"
},
{
"version_value": "V200R011C00"
},
{
"version_value": "V200R005C00"
},
{
"version_value": "V200R005C02"
},
{
"version_value": "V200R005C03"
},
{
"version_value": "V200R005C01"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "There is a weak algorithm vulnerability in some Huawei products. The affected products use weak algorithms by default. Attackers may exploit the vulnerability to cause information leaks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Weak Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en",
"refsource": "MISC",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191204-01-vrp-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-19397",
"datePublished": "2019-12-13T14:19:12",
"dateReserved": "2019-11-29T00:00:00",
"dateUpdated": "2024-08-05T02:16:47.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5285 (GCVE-0-2019-5285)
Vulnerability from nvd – Published: 2019-06-04 18:47 – Updated: 2024-08-04 19:54
VLAI?
Summary
Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)
Severity ?
No CVSS data available.
CWE
- DoS
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei | S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700 |
Affected:
S12700 V200R008C00
Affected: S12700 V200R010C00 Affected: S12700 V200R012C00 Affected: S12700 V200R013C00 Affected: S12700 V200R011C10 Affected: S1700 V200R008C00 Affected: S1700 V200R009C00 Affected: S1700 V200R010C00 Affected: S1700 V200R011C10 Affected: S2300 V200R003C00 Affected: S2300 V200R005C00 Affected: S2300 V200R008C00 Affected: S2300 V200R010C00 Affected: S2300 V200R011C10 Affected: S2300 V200R012C00 Affected: S2300 V200R013C00 Affected: S2700 V200R005C00 Affected: S2700 V200R006C00 Affected: S2700 V200R007C00 Affected: S2700 V200R008C00 Affected: S2700 V200R010C00 Affected: S2700 V200R011C10 Affected: S2700 V200R012C00 Affected: S2700 V200R013C00 Affected: S5300 V200R003C00 Affected: S5300 V200R005C00 Affected: S5300 V200R008C00 Affected: S5300 V200R010C00 Affected: S5300 V200R011C10 Affected: S5300 V200R012C00 Affected: S5700 V200R006C00 Affected: S5700 V200R007C00 Affected: S5700 V200R008C00 Affected: S5700 V200R010C00 Affected: S5700 V200R011C10 Affected: S5700 V200R012C00 Affected: S5700 V200R013C00 Affected: S600-E V200R008C00 Affected: S600-E V200R010C00 Affected: S600-E V200R011C10 Affected: S600-E V200R012C00 Affected: S600-E V200R013C00 Affected: S6300 V200R003C00 Affected: S6300 V200R005C00 Affected: S6300 V200R007C00 Affected: S6300 V200R008C00 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:54:52.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "S12700 V200R008C00"
},
{
"status": "affected",
"version": "S12700 V200R010C00"
},
{
"status": "affected",
"version": "S12700 V200R012C00"
},
{
"status": "affected",
"version": "S12700 V200R013C00"
},
{
"status": "affected",
"version": "S12700 V200R011C10"
},
{
"status": "affected",
"version": "S1700 V200R008C00"
},
{
"status": "affected",
"version": "S1700 V200R009C00"
},
{
"status": "affected",
"version": "S1700 V200R010C00"
},
{
"status": "affected",
"version": "S1700 V200R011C10"
},
{
"status": "affected",
"version": "S2300 V200R003C00"
},
{
"status": "affected",
"version": "S2300 V200R005C00"
},
{
"status": "affected",
"version": "S2300 V200R008C00"
},
{
"status": "affected",
"version": "S2300 V200R010C00"
},
{
"status": "affected",
"version": "S2300 V200R011C10"
},
{
"status": "affected",
"version": "S2300 V200R012C00"
},
{
"status": "affected",
"version": "S2300 V200R013C00"
},
{
"status": "affected",
"version": "S2700 V200R005C00"
},
{
"status": "affected",
"version": "S2700 V200R006C00"
},
{
"status": "affected",
"version": "S2700 V200R007C00"
},
{
"status": "affected",
"version": "S2700 V200R008C00"
},
{
"status": "affected",
"version": "S2700 V200R010C00"
},
{
"status": "affected",
"version": "S2700 V200R011C10"
},
{
"status": "affected",
"version": "S2700 V200R012C00"
},
{
"status": "affected",
"version": "S2700 V200R013C00"
},
{
"status": "affected",
"version": "S5300 V200R003C00"
},
{
"status": "affected",
"version": "S5300 V200R005C00"
},
{
"status": "affected",
"version": "S5300 V200R008C00"
},
{
"status": "affected",
"version": "S5300 V200R010C00"
},
{
"status": "affected",
"version": "S5300 V200R011C10"
},
{
"status": "affected",
"version": "S5300 V200R012C00"
},
{
"status": "affected",
"version": "S5700 V200R006C00"
},
{
"status": "affected",
"version": "S5700 V200R007C00"
},
{
"status": "affected",
"version": "S5700 V200R008C00"
},
{
"status": "affected",
"version": "S5700 V200R010C00"
},
{
"status": "affected",
"version": "S5700 V200R011C10"
},
{
"status": "affected",
"version": "S5700 V200R012C00"
},
{
"status": "affected",
"version": "S5700 V200R013C00"
},
{
"status": "affected",
"version": "S600-E V200R008C00"
},
{
"status": "affected",
"version": "S600-E V200R010C00"
},
{
"status": "affected",
"version": "S600-E V200R011C10"
},
{
"status": "affected",
"version": "S600-E V200R012C00"
},
{
"status": "affected",
"version": "S600-E V200R013C00"
},
{
"status": "affected",
"version": "S6300 V200R003C00"
},
{
"status": "affected",
"version": "S6300 V200R005C00"
},
{
"status": "affected",
"version": "S6300 V200R007C00"
},
{
"status": "affected",
"version": "S6300 V200R008C00"
}
]
}
],
"datePublic": "2019-05-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-26T10:06:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2019-5285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "S12700, S12700, S12700, S12700, S12700, S12700, S12700, S12700, S1700, S1700, S1700, S1700, S1700, S1700, S2300, S2300, S2300, S2300, S2300, S2300, S2300, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S2700, S5300, S5300, S5300, S5300, S5300, S5300, S5300, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S5700, S600-E, S600-E, S600-E, S600-E, S600-E, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6300, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S6700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7700, S7900, S7900, S7900, S9300, S9300, S9300, S9300, S9300, S9300, S9300, S9300X, S9300X, S9300X, S9300X, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700, S9700",
"version": {
"version_data": [
{
"version_value": "S12700 V200R008C00"
},
{
"version_value": "S12700 V200R010C00"
},
{
"version_value": "S12700 V200R012C00"
},
{
"version_value": "S12700 V200R013C00"
},
{
"version_value": "S12700 V200R011C10"
},
{
"version_value": "S1700 V200R008C00"
},
{
"version_value": "S1700 V200R009C00"
},
{
"version_value": "S1700 V200R010C00"
},
{
"version_value": "S1700 V200R011C10"
},
{
"version_value": "S2300 V200R003C00"
},
{
"version_value": "S2300 V200R005C00"
},
{
"version_value": "S2300 V200R008C00"
},
{
"version_value": "S2300 V200R010C00"
},
{
"version_value": "S2300 V200R011C10"
},
{
"version_value": "S2300 V200R012C00"
},
{
"version_value": "S2300 V200R013C00"
},
{
"version_value": "S2700 V200R005C00"
},
{
"version_value": "S2700 V200R006C00"
},
{
"version_value": "S2700 V200R007C00"
},
{
"version_value": "S2700 V200R008C00"
},
{
"version_value": "S2700 V200R010C00"
},
{
"version_value": "S2700 V200R011C10"
},
{
"version_value": "S2700 V200R012C00"
},
{
"version_value": "S2700 V200R013C00"
},
{
"version_value": "S5300 V200R003C00"
},
{
"version_value": "S5300 V200R005C00"
},
{
"version_value": "S5300 V200R008C00"
},
{
"version_value": "S5300 V200R010C00"
},
{
"version_value": "S5300 V200R011C10"
},
{
"version_value": "S5300 V200R012C00"
},
{
"version_value": "S5700 V200R006C00"
},
{
"version_value": "S5700 V200R007C00"
},
{
"version_value": "S5700 V200R008C00"
},
{
"version_value": "S5700 V200R010C00"
},
{
"version_value": "S5700 V200R011C10"
},
{
"version_value": "S5700 V200R012C00"
},
{
"version_value": "S5700 V200R013C00"
},
{
"version_value": "S600-E V200R008C00"
},
{
"version_value": "S600-E V200R010C00"
},
{
"version_value": "S600-E V200R011C10"
},
{
"version_value": "S600-E V200R012C00"
},
{
"version_value": "S600-E V200R013C00"
},
{
"version_value": "S6300 V200R003C00"
},
{
"version_value": "S6300 V200R005C00"
},
{
"version_value": "S6300 V200R007C00"
},
{
"version_value": "S6300 V200R008C00"
}
]
}
}
]
},
"vendor_name": "Huawei"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Some Huawei S series switches have a DoS vulnerability. An unauthenticated remote attacker can send crafted packets to the affected device to exploit this vulnerability. Due to insufficient verification of the packets, successful exploitation may cause the device reboot and denial of service (DoS) condition. (Vulnerability ID: HWPSIRT-2019-03109)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en",
"refsource": "CONFIRM",
"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
},
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190522-01-switch-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2019-5285",
"datePublished": "2019-06-04T18:47:35",
"dateReserved": "2019-01-04T00:00:00",
"dateUpdated": "2024-08-04T19:54:52.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-17250 (GCVE-0-2017-17250)
Vulnerability from nvd – Published: 2018-03-09 17:00 – Updated: 2024-08-05 20:43
VLAI?
Summary
Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash.
Severity ?
No CVSS data available.
CWE
- out-of-bounds write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Huawei Technologies Co., Ltd. | AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200-S; AR3200; AR510; NetEngine16EX; SRG1300; SRG2300; SRG3300 |
Affected:
AR120-S V200R005C32
Affected: AR1200 V200R005C32 Affected: AR1200-S V200R005C32 Affected: AR150 V200R005C32 Affected: AR150-S V200R005C32 Affected: AR160 V200R005C32 Affected: AR200 V200R005C32 Affected: AR200-S V200R005C32 Affected: AR2200-S V200R005C32 Affected: AR3200 V200R005C32 Affected: V200R007C00 Affected: AR510 V200R005C32 Affected: NetEngine16EX V200R005C32 Affected: SRG1300 V200R005C32 Affected: SRG2300 V200R005C32 Affected: SRG3300 V200R005C32 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:43:59.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200-S; AR3200; AR510; NetEngine16EX; SRG1300; SRG2300; SRG3300",
"vendor": "Huawei Technologies Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "AR120-S V200R005C32"
},
{
"status": "affected",
"version": "AR1200 V200R005C32"
},
{
"status": "affected",
"version": "AR1200-S V200R005C32"
},
{
"status": "affected",
"version": "AR150 V200R005C32"
},
{
"status": "affected",
"version": "AR150-S V200R005C32"
},
{
"status": "affected",
"version": "AR160 V200R005C32"
},
{
"status": "affected",
"version": "AR200 V200R005C32"
},
{
"status": "affected",
"version": "AR200-S V200R005C32"
},
{
"status": "affected",
"version": "AR2200-S V200R005C32"
},
{
"status": "affected",
"version": "AR3200 V200R005C32"
},
{
"status": "affected",
"version": "V200R007C00"
},
{
"status": "affected",
"version": "AR510 V200R005C32"
},
{
"status": "affected",
"version": "NetEngine16EX V200R005C32"
},
{
"status": "affected",
"version": "SRG1300 V200R005C32"
},
{
"status": "affected",
"version": "SRG2300 V200R005C32"
},
{
"status": "affected",
"version": "SRG3300 V200R005C32"
}
]
}
],
"datePublic": "2018-02-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bounds write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-09T16:57:01",
"orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"shortName": "huawei"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@huawei.com",
"ID": "CVE-2017-17250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "AR120-S; AR1200; AR1200-S; AR150; AR150-S; AR160; AR200; AR200-S; AR2200-S; AR3200; AR510; NetEngine16EX; SRG1300; SRG2300; SRG3300",
"version": {
"version_data": [
{
"version_value": "AR120-S V200R005C32"
},
{
"version_value": "AR1200 V200R005C32"
},
{
"version_value": "AR1200-S V200R005C32"
},
{
"version_value": "AR150 V200R005C32"
},
{
"version_value": "AR150-S V200R005C32"
},
{
"version_value": "AR160 V200R005C32"
},
{
"version_value": "AR200 V200R005C32"
},
{
"version_value": "AR200-S V200R005C32"
},
{
"version_value": "AR2200-S V200R005C32"
},
{
"version_value": "AR3200 V200R005C32"
},
{
"version_value": "V200R007C00"
},
{
"version_value": "AR510 V200R005C32"
},
{
"version_value": "NetEngine16EX V200R005C32"
},
{
"version_value": "SRG1300 V200R005C32"
},
{
"version_value": "SRG2300 V200R005C32"
},
{
"version_value": "SRG3300 V200R005C32"
}
]
}
}
]
},
"vendor_name": "Huawei Technologies Co., Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out-of-bounds write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
"assignerShortName": "huawei",
"cveId": "CVE-2017-17250",
"datePublished": "2018-03-09T17:00:00",
"dateReserved": "2017-12-04T00:00:00",
"dateUpdated": "2024-08-05T20:43:59.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}