cnvd - cnvd-2017-37678

CNVD-2017-37678

Vulnerability from cnvd - Published: 2017-12-20

Title

多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞

Description

Huawei AC6005等都是中国华为（Huawei）公司的产品。Huawei AC6005是一款接入控制设备。CloudEngine 12800是一款数据中心交换机设备。多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞。当设备接收到特定LSA报文，LS (Link Status)老化时间会被设置为MaxAge，即3600秒。攻击者可以利用这个漏洞毒化路由表并发起拒绝服务攻击。

Severity

中

Patch Name

多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170720-01-ospf-cn

Reference

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en

Impacted products

Name
['Huawei Secospace USG6600 V500R001C00', 'Huawei CloudEngine 12800 V100R003C00', 'Huawei CloudEngine 12800 V100R005C00', 'Huawei CloudEngine 12800 V100R005C10', 'Huawei S12700 V200R005C00', 'Huawei S9700 V200R001C00', 'Huawei S9700 V200R002C00', 'Huawei S9700 V200R006C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R006C00', 'Huawei S12700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei CloudEngine 12800 V100R006C00', 'Huawei CloudEngine 5800 V100R005C00', 'Huawei CloudEngine 5800 V100R005C10', 'Huawei CloudEngine 5800 V100R006C00', 'Huawei CloudEngine 6800 V100R005C00', 'Huawei CloudEngine 6800 V100R005C10', 'Huawei CloudEngine 6800 V100R006C00', 'Huawei CloudEngine 7800 V100R005C00', 'Huawei CloudEngine 7800 V100R005C10', 'Huawei CloudEngine 7800 V100R006C00', 'Huawei CloudEngine 8800 V100R006C00', 'Huawei S9700 V200R008C00', 'Huawei CloudEngine 5800 V100R003C00', 'Huawei CloudEngine 6800 V100R003C00', 'Huawei CloudEngine 7800 V100R003C00', 'Huawei CloudEngine 12800 V200R001C00', 'Huawei CloudEngine 6800 V200R001C00', 'Huawei CloudEngine 7800 V200R001C00', 'Huawei CloudEngine 8800 V200R001C00', 'Huawei AC6005 V200R006C10SPC200', 'Huawei AR1200 V200R005C10CP0582T', 'Huawei AR200 V200R005C20SPC026T', 'Huawei AR3200 V200R005C20SPC026T', 'Huawei Secospace USG6600 V500R001C20', 'Huawei Secospace USG6600 V500R001C30', 'Huawei AC6605 V200R006C10SPC200', 'Huawei AR1200 V200R005C10HP0581T', 'Huawei AR1200 V200R005C20SPC026T', 'Huawei CloudEngine 5800 V200R001C00', 'Huawei E600 V200R008C00', 'Huawei S1700 V100R006C00', 'Huawei S1700 V100R007C00', 'Huawei S1700 V200R006C00', 'Huawei S2300 V100R005C00', 'Huawei S2300 V100R006C00', 'Huawei S2300 V100R006C05', 'Huawei S2300 V200R003C00', 'Huawei S2300 V200R003C02', 'Huawei S2300 V200R003C10', 'Huawei S2300 V200R005C00', 'Huawei S2300 V200R005C01', 'Huawei S2300 V200R005C02', 'Huawei S2300 V200R005C03', 'Huawei S2300 V200R007C00', 'Huawei S2300 V200R008C00', 'Huawei S2700 V100R005C00', 'Huawei S2700 V100R006C00', 'Huawei S2700 V100R006C03', 'Huawei S2700 V100R006C05', 'Huawei S2700 V200R003C00', 'Huawei S2700 V200R003C02', 'Huawei S2700 V200R003C10', 'Huawei S2700 V200R005C00', 'Huawei S2700 V200R005C01', 'Huawei S2700 V200R005C02', 'Huawei S2700 V200R005C03', 'Huawei S2700 V200R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5300 V100R005C00', 'Huawei S5300 V100R006C00', 'Huawei S5300 V100R006C01', 'Huawei S5300 V200R001C01', 'Huawei S5300 V200R002C00', 'Huawei S5300 V200R003C00', 'Huawei S5300 V200R003C02', 'Huawei S5300 V200R003C10', 'Huawei S5300 V200R005C00', 'Huawei S5300 V200R006C00', 'Huawei S5300 V200R007C00', 'Huawei S5300 V200R008C00', 'Huawei S5700 V100R005C00', 'Huawei S5700 V100R006C00', 'Huawei S5700 V100R006C01', 'Huawei S5700 V200R001C00', 'Huawei S5700 V200R001C01', 'Huawei S5700 V200R002C00', 'Huawei S5700 V200R003C00', 'Huawei S5700 V200R003C02', 'Huawei S5700 V200R003C10', 'Huawei S5700 V200R005C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S6300 V100R006C00', 'Huawei S6300 V200R001C01', 'Huawei S6300 V200R002C00', 'Huawei S6300 V200R003C00', 'Huawei S6300 V200R003C02', 'Huawei S6300 V200R003C10', 'Huawei S6300 V200R005C00', 'Huawei S6300 V200R008C00', 'Huawei S6700 V100R006C00', 'Huawei S6700 V200R001C01', 'Huawei S6700 V200R002C00', 'Huawei S6700 V200R003C00', 'Huawei S6700 V200R003C02', 'Huawei S6700 V200R003C10', 'Huawei S6700 V200R006C00', 'Huawei S6700 V200R008C00', 'Huawei S7700 V100R003C00', 'Huawei S7700 V100R006C00', 'Huawei S7700 V200R001C01', 'Huawei S7700 V200R002C00', 'Huawei S7700 V200R006C00', 'Huawei S7700 V200R008C00', 'Huawei S9300 V100R001C00', 'Huawei S9300 V100R002C00', 'Huawei S9300 V100R003C00', 'Huawei S9300 V100R006C00', 'Huawei S9300 V200R002C00', 'Huawei S9300 V200R006C00', 'Huawei S9300 V200R008C00', 'Huawei S9300 V200R008C10']

Name

['Huawei Secospace USG6600 V500R001C00', 'Huawei CloudEngine 12800 V100R003C00', 'Huawei CloudEngine 12800 V100R005C00', 'Huawei CloudEngine 12800 V100R005C10', 'Huawei S12700 V200R005C00', 'Huawei S9700 V200R001C00', 'Huawei S9700 V200R002C00', 'Huawei S9700 V200R006C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R006C00', 'Huawei S12700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei CloudEngine 12800 V100R006C00', 'Huawei CloudEngine 5800 V100R005C00', 'Huawei CloudEngine 5800 V100R005C10', 'Huawei CloudEngine 5800 V100R006C00', 'Huawei CloudEngine 6800 V100R005C00', 'Huawei CloudEngine 6800 V100R005C10', 'Huawei CloudEngine 6800 V100R006C00', 'Huawei CloudEngine 7800 V100R005C00', 'Huawei CloudEngine 7800 V100R005C10', 'Huawei CloudEngine 7800 V100R006C00', 'Huawei CloudEngine 8800 V100R006C00', 'Huawei S9700 V200R008C00', 'Huawei CloudEngine 5800 V100R003C00', 'Huawei CloudEngine 6800 V100R003C00', 'Huawei CloudEngine 7800 V100R003C00', 'Huawei CloudEngine 12800 V200R001C00', 'Huawei CloudEngine 6800 V200R001C00', 'Huawei CloudEngine 7800 V200R001C00', 'Huawei CloudEngine 8800 V200R001C00', 'Huawei AC6005 V200R006C10SPC200', 'Huawei AR1200 V200R005C10CP0582T', 'Huawei AR200 V200R005C20SPC026T', 'Huawei AR3200 V200R005C20SPC026T', 'Huawei Secospace USG6600 V500R001C20', 'Huawei Secospace USG6600 V500R001C30', 'Huawei AC6605 V200R006C10SPC200', 'Huawei AR1200 V200R005C10HP0581T', 'Huawei AR1200 V200R005C20SPC026T', 'Huawei CloudEngine 5800 V200R001C00', 'Huawei E600 V200R008C00', 'Huawei S1700 V100R006C00', 'Huawei S1700 V100R007C00', 'Huawei S1700 V200R006C00', 'Huawei S2300 V100R005C00', 'Huawei S2300 V100R006C00', 'Huawei S2300 V100R006C05', 'Huawei S2300 V200R003C00', 'Huawei S2300 V200R003C02', 'Huawei S2300 V200R003C10', 'Huawei S2300 V200R005C00', 'Huawei S2300 V200R005C01', 'Huawei S2300 V200R005C02', 'Huawei S2300 V200R005C03', 'Huawei S2300 V200R007C00', 'Huawei S2300 V200R008C00', 'Huawei S2700 V100R005C00', 'Huawei S2700 V100R006C00', 'Huawei S2700 V100R006C03', 'Huawei S2700 V100R006C05', 'Huawei S2700 V200R003C00', 'Huawei S2700 V200R003C02', 'Huawei S2700 V200R003C10', 'Huawei S2700 V200R005C00', 'Huawei S2700 V200R005C01', 'Huawei S2700 V200R005C02', 'Huawei S2700 V200R005C03', 'Huawei S2700 V200R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5300 V100R005C00', 'Huawei S5300 V100R006C00', 'Huawei S5300 V100R006C01', 'Huawei S5300 V200R001C01', 'Huawei S5300 V200R002C00', 'Huawei S5300 V200R003C00', 'Huawei S5300 V200R003C02', 'Huawei S5300 V200R003C10', 'Huawei S5300 V200R005C00', 'Huawei S5300 V200R006C00', 'Huawei S5300 V200R007C00', 'Huawei S5300 V200R008C00', 'Huawei S5700 V100R005C00', 'Huawei S5700 V100R006C00', 'Huawei S5700 V100R006C01', 'Huawei S5700 V200R001C00', 'Huawei S5700 V200R001C01', 'Huawei S5700 V200R002C00', 'Huawei S5700 V200R003C00', 'Huawei S5700 V200R003C02', 'Huawei S5700 V200R003C10', 'Huawei S5700 V200R005C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S6300 V100R006C00', 'Huawei S6300 V200R001C01', 'Huawei S6300 V200R002C00', 'Huawei S6300 V200R003C00', 'Huawei S6300 V200R003C02', 'Huawei S6300 V200R003C10', 'Huawei S6300 V200R005C00', 'Huawei S6300 V200R008C00', 'Huawei S6700 V100R006C00', 'Huawei S6700 V200R001C01', 'Huawei S6700 V200R002C00', 'Huawei S6700 V200R003C00', 'Huawei S6700 V200R003C02', 'Huawei S6700 V200R003C10', 'Huawei S6700 V200R006C00', 'Huawei S6700 V200R008C00', 'Huawei S7700 V100R003C00', 'Huawei S7700 V100R006C00', 'Huawei S7700 V200R001C01', 'Huawei S7700 V200R002C00', 'Huawei S7700 V200R006C00', 'Huawei S7700 V200R008C00', 'Huawei S9300 V100R001C00', 'Huawei S9300 V100R002C00', 'Huawei S9300 V100R003C00', 'Huawei S9300 V100R006C00', 'Huawei S9300 V200R002C00', 'Huawei S9300 V200R006C00', 'Huawei S9300 V200R008C00', 'Huawei S9300 V200R008C10']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-8147"
    }
  },
  "description": "Huawei AC6005\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Huawei AC6005\u662f\u4e00\u6b3e\u63a5\u5165\u63a7\u5236\u8bbe\u5907\u3002CloudEngine 12800\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u4ea4\u6362\u673a\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e\u3002\u5f53\u8bbe\u5907\u63a5\u6536\u5230\u7279\u5b9aLSA\u62a5\u6587\uff0cLS (Link Status)\u8001\u5316\u65f6\u95f4\u4f1a\u88ab\u8bbe\u7f6e\u4e3aMaxAge\uff0c\u53733600\u79d2\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u6bd2\u5316\u8def\u7531\u8868\u5e76\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Adi Sosnovich\uff0c Orna Grumberg\u548cGabi Nakibly",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170720-01-ospf-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-37678",
  "openTime": "2017-12-20",
  "patchDescription": "Huawei AC6005\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Huawei AC6005\u662f\u4e00\u6b3e\u63a5\u5165\u63a7\u5236\u8bbe\u5907\u3002CloudEngine 12800\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u4ea4\u6362\u673a\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e\u3002\u5f53\u8bbe\u5907\u63a5\u6536\u5230\u7279\u5b9aLSA\u62a5\u6587\uff0cLS (Link Status)\u8001\u5316\u65f6\u95f4\u4f1a\u88ab\u8bbe\u7f6e\u4e3aMaxAge\uff0c\u53733600\u79d2\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u6bd2\u5316\u8def\u7531\u8868\u5e76\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei Secospace USG6600 V500R001C00",
      "Huawei CloudEngine 12800 V100R003C00",
      "Huawei CloudEngine 12800 V100R005C00",
      "Huawei CloudEngine 12800 V100R005C10",
      "Huawei S12700 V200R005C00",
      "Huawei S9700 V200R001C00",
      "Huawei S9700  V200R002C00",
      "Huawei S9700  V200R006C00",
      "Huawei S9700  V200R008C00",
      "Huawei S12700 V200R006C00",
      "Huawei S12700  V200R008C00",
      "Huawei S12700 V200R007C00",
      "Huawei S7700 V200R007C00",
      "Huawei S9700 V200R007C00",
      "Huawei CloudEngine 12800 V100R006C00",
      "Huawei CloudEngine 5800 V100R005C00",
      "Huawei CloudEngine 5800 V100R005C10",
      "Huawei CloudEngine 5800 V100R006C00",
      "Huawei CloudEngine 6800 V100R005C00",
      "Huawei CloudEngine 6800 V100R005C10",
      "Huawei CloudEngine 6800 V100R006C00",
      "Huawei CloudEngine 7800 V100R005C00",
      "Huawei CloudEngine 7800 V100R005C10",
      "Huawei CloudEngine 7800 V100R006C00",
      "Huawei CloudEngine 8800 V100R006C00",
      "Huawei S9700 V200R008C00",
      "Huawei CloudEngine 5800 V100R003C00",
      "Huawei CloudEngine 6800 V100R003C00",
      "Huawei CloudEngine 7800 V100R003C00",
      "Huawei CloudEngine 12800 V200R001C00",
      "Huawei CloudEngine 6800 V200R001C00",
      "Huawei CloudEngine 7800 V200R001C00",
      "Huawei CloudEngine 8800 V200R001C00",
      "Huawei AC6005 V200R006C10SPC200",
      "Huawei AR1200 V200R005C10CP0582T",
      "Huawei AR200 V200R005C20SPC026T",
      "Huawei AR3200 V200R005C20SPC026T",
      "Huawei Secospace USG6600 V500R001C20",
      "Huawei Secospace USG6600 V500R001C30",
      "Huawei AC6605 V200R006C10SPC200",
      "Huawei AR1200 V200R005C10HP0581T",
      "Huawei AR1200 V200R005C20SPC026T",
      "Huawei CloudEngine 5800 V200R001C00",
      "Huawei E600 V200R008C00",
      "Huawei S1700 V100R006C00",
      "Huawei S1700 V100R007C00",
      "Huawei S1700 V200R006C00",
      "Huawei S2300 V100R005C00",
      "Huawei S2300 V100R006C00",
      "Huawei S2300 V100R006C05",
      "Huawei S2300 V200R003C00",
      "Huawei S2300 V200R003C02",
      "Huawei S2300 V200R003C10",
      "Huawei S2300 V200R005C00",
      "Huawei S2300 V200R005C01",
      "Huawei S2300 V200R005C02",
      "Huawei S2300 V200R005C03",
      "Huawei S2300 V200R007C00",
      "Huawei S2300 V200R008C00",
      "Huawei S2700 V100R005C00",
      "Huawei S2700 V100R006C00",
      "Huawei S2700 V100R006C03",
      "Huawei S2700 V100R006C05",
      "Huawei S2700 V200R003C00",
      "Huawei S2700 V200R003C02",
      "Huawei S2700 V200R003C10",
      "Huawei S2700 V200R005C00",
      "Huawei S2700 V200R005C01",
      "Huawei S2700 V200R005C02",
      "Huawei S2700 V200R005C03",
      "Huawei S2700 V200R006C00",
      "Huawei S2700 V200R007C00",
      "Huawei S2700 V200R008C00",
      "Huawei S5300 V100R005C00",
      "Huawei S5300 V100R006C00",
      "Huawei S5300 V100R006C01",
      "Huawei S5300 V200R001C01",
      "Huawei S5300 V200R002C00",
      "Huawei S5300 V200R003C00",
      "Huawei S5300 V200R003C02",
      "Huawei S5300 V200R003C10",
      "Huawei S5300 V200R005C00",
      "Huawei S5300 V200R006C00",
      "Huawei S5300 V200R007C00",
      "Huawei S5300 V200R008C00",
      "Huawei S5700 V100R005C00",
      "Huawei S5700 V100R006C00",
      "Huawei S5700 V100R006C01",
      "Huawei S5700 V200R001C00",
      "Huawei S5700 V200R001C01",
      "Huawei S5700 V200R002C00",
      "Huawei S5700 V200R003C00",
      "Huawei S5700 V200R003C02",
      "Huawei S5700 V200R003C10",
      "Huawei S5700 V200R005C00",
      "Huawei S5700 V200R006C00",
      "Huawei S5700 V200R008C00",
      "Huawei S6300 V100R006C00",
      "Huawei S6300 V200R001C01",
      "Huawei S6300 V200R002C00",
      "Huawei S6300 V200R003C00",
      "Huawei S6300 V200R003C02",
      "Huawei S6300 V200R003C10",
      "Huawei S6300 V200R005C00",
      "Huawei S6300 V200R008C00",
      "Huawei S6700 V100R006C00",
      "Huawei S6700 V200R001C01",
      "Huawei S6700 V200R002C00",
      "Huawei S6700 V200R003C00",
      "Huawei S6700 V200R003C02",
      "Huawei S6700 V200R003C10",
      "Huawei S6700 V200R006C00",
      "Huawei S6700 V200R008C00",
      "Huawei S7700 V100R003C00",
      "Huawei S7700 V100R006C00",
      "Huawei S7700 V200R001C01",
      "Huawei S7700 V200R002C00",
      "Huawei S7700 V200R006C00",
      "Huawei S7700 V200R008C00",
      "Huawei S9300 V100R001C00",
      "Huawei S9300 V100R002C00",
      "Huawei S9300 V100R003C00",
      "Huawei S9300 V100R006C00",
      "Huawei S9300 V200R002C00",
      "Huawei S9300 V200R006C00",
      "Huawei S9300 V200R008C00",
      "Huawei S9300 V200R008C10"
    ]
  },
  "referenceLink": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en",
  "serverity": "\u4e2d",
  "submitTime": "2017-11-25",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e"
}

CVE-2017-8147 (GCVE-0-2017-8147)

Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-16 17:03

Summary

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack.

Severity ?

No CVSS data available.

CWE

MaxAge LSA

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,	Affected: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005 ...[truncated*]

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:27:22.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005 ...[truncated*]"
            }
          ]
        }
      ],
      "datePublic": "2017-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "MaxAge LSA",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-22T18:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
        }
      ],
      "x_ConverterErrors": {
        "version_name": {
          "error": "version_name too long. Use array of versions to record more than one version.",
          "message": "Truncated!"
        }
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-11-15T00:00:00",
          "ID": "CVE-2017-8147",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "MaxAge LSA"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-8147",
    "datePublished": "2017-11-22T19:00:00Z",
    "dateReserved": "2017-04-25T00:00:00",
    "dateUpdated": "2024-09-16T17:03:05.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-37678

CVE-2017-8147 (GCVE-0-2017-8147)

Tags

Sightings

Nomenclature