cnvd - cnvd-2017-38288

CNVD-2017-38288

Vulnerability from cnvd - Published: 2017-12-27

Title

多款Huawei产品PEM模块空指针访问漏洞

Description

Huawei DP300、IPS Module、NGFW Module等都是中国华为（Huawei）公司的产品。多款Huawei产品PEM模块存在空指针访问漏洞，经身份验证的本地攻击者可通过特定参数调用PEM解码器利用该漏洞可导致拒绝服务攻击。

Severity

中

Patch Name

多款Huawei产品PEM模块空指针访问漏洞的补丁

Patch Description

Huawei DP300、IPS Module、NGFW Module等都是中国华为（Huawei）公司的产品。多款Huawei产品PEM模块存在空指针访问漏洞，经身份验证的本地攻击者可通过特定参数调用PEM解码器利用该漏洞可导致拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn

Reference

http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn

Impacted products

Name
['Huawei IPS Module V500R001C00', 'Huawei NGFW Module V500R001C00', 'Huawei NIP6300 V500R001C00', 'Huawei NIP6600 V500R001C00', 'Huawei Secospace USG6300 V500R001C00', 'Huawei Secospace USG6500 V500R001C00', 'Huawei Secospace USG6600 V500R001C00', 'Huawei S7700 V200R008C00', 'Huawei S12700 V200R008C00', 'Huawei S6700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S5700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei S5700 V200R009C00', 'Huawei S6700 V200R009C00', 'Huawei S7700 V200R009C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R009C00', 'Huawei S12700 V200R007C01', 'Huawei DP300 V500R002C00', 'Huawei TE60 V100R001C01', 'Huawei TE60 V100R001C10', 'Huawei TE60 V500R002C00', 'Huawei TE60 V600R006C00', 'Huawei ViewPoint 9030 V100R011C03', 'Huawei ViewPoint 9030 V100R011C02', 'Huawei TP3206 V100R002C00', 'Huawei TP3106 V100R002C00', 'Huawei RP200 V500R002C00', 'Huawei RP200 V600R006C00', 'Huawei TE30 V100R001C02', 'Huawei TE30 V100R001C10', 'Huawei TE30 V500R002C00', 'Huawei TE30 V600R006C00', 'Huawei TE40 V500R002C00', 'Huawei TE40 V600R006C00', 'Huawei TE50 V500R002C00', 'Huawei TE50 V600R006C00', 'Huawei IPS Module V100R001C30', 'Huawei NGFW Module V500R002C00', 'Huawei NIP6300 V500R001C30', 'Huawei NIP6600 V500R001C30', 'Huawei Secospace USG6300 V100R001C30', 'Huawei Secospace USG6500 V100R001C30', 'Huawei USG9500 V500R001C00', 'Huawei USG9500 V500R001C30', 'Huawei TP3206 V100R002C10', 'Huawei S1700 V100R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S12700 V200R010C00', 'Huawei S1700 V200R009C00', 'Huawei S1700 V200R010C00', 'Huawei S2700 V200R006C10', 'Huawei S2700 V200R009C00', 'Huawei S2700 V200R010C00', 'Huawei S5700 V200R010C00', 'Huawei S6700 V200R010C00', 'Huawei S7700 V200R010C00', 'Huawei S9700 V200R007C01', 'Huawei S9700 V200R010C00', 'Huawei S9700 V200R009C00', 'Huawei Secospace USG6600 V500R001C30S']

Name

['Huawei IPS Module V500R001C00', 'Huawei NGFW Module V500R001C00', 'Huawei NIP6300 V500R001C00', 'Huawei NIP6600 V500R001C00', 'Huawei Secospace USG6300 V500R001C00', 'Huawei Secospace USG6500 V500R001C00', 'Huawei Secospace USG6600 V500R001C00', 'Huawei S7700 V200R008C00', 'Huawei S12700 V200R008C00', 'Huawei S6700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S5700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei S5700 V200R009C00', 'Huawei S6700 V200R009C00', 'Huawei S7700 V200R009C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R009C00', 'Huawei S12700 V200R007C01', 'Huawei DP300 V500R002C00', 'Huawei TE60 V100R001C01', 'Huawei TE60 V100R001C10', 'Huawei TE60 V500R002C00', 'Huawei TE60 V600R006C00', 'Huawei ViewPoint 9030 V100R011C03', 'Huawei ViewPoint 9030 V100R011C02', 'Huawei TP3206 V100R002C00', 'Huawei TP3106 V100R002C00', 'Huawei RP200 V500R002C00', 'Huawei RP200 V600R006C00', 'Huawei TE30 V100R001C02', 'Huawei TE30 V100R001C10', 'Huawei TE30 V500R002C00', 'Huawei TE30 V600R006C00', 'Huawei TE40 V500R002C00', 'Huawei TE40 V600R006C00', 'Huawei TE50 V500R002C00', 'Huawei TE50 V600R006C00', 'Huawei IPS Module V100R001C30', 'Huawei NGFW Module V500R002C00', 'Huawei NIP6300 V500R001C30', 'Huawei NIP6600 V500R001C30', 'Huawei Secospace USG6300 V100R001C30', 'Huawei Secospace USG6500 V100R001C30', 'Huawei USG9500 V500R001C00', 'Huawei USG9500 V500R001C30', 'Huawei TP3206 V100R002C10', 'Huawei S1700 V100R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S12700 V200R010C00', 'Huawei S1700 V200R009C00', 'Huawei S1700 V200R010C00', 'Huawei S2700 V200R006C10', 'Huawei S2700 V200R009C00', 'Huawei S2700 V200R010C00', 'Huawei S5700 V200R010C00', 'Huawei S6700 V200R010C00', 'Huawei S7700 V200R010C00', 'Huawei S9700 V200R007C01', 'Huawei S9700 V200R010C00', 'Huawei S9700 V200R009C00', 'Huawei Secospace USG6600 V500R001C30S']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-17135"
    }
  },
  "description": "Huawei DP300\u3001IPS Module\u3001NGFW Module\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u5b58\u5728\u7a7a\u6307\u9488\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5b9a\u53c2\u6570\u8c03\u7528PEM\u89e3\u7801\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-38288",
  "openTime": "2017-12-27",
  "patchDescription": "Huawei DP300\u3001IPS Module\u3001NGFW Module\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u5b58\u5728\u7a7a\u6307\u9488\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u7279\u5b9a\u53c2\u6570\u8c03\u7528PEM\u89e3\u7801\u5668\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u7a7a\u6307\u9488\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei IPS Module V500R001C00",
      "Huawei NGFW Module V500R001C00",
      "Huawei NIP6300 V500R001C00",
      "Huawei NIP6600 V500R001C00",
      "Huawei Secospace USG6300 V500R001C00",
      "Huawei Secospace USG6500 V500R001C00",
      "Huawei Secospace USG6600 V500R001C00",
      "Huawei S7700  V200R008C00",
      "Huawei S12700  V200R008C00",
      "Huawei S6700  V200R008C00",
      "Huawei S12700 V200R007C00",
      "Huawei S5700 V200R007C00",
      "Huawei S7700 V200R007C00",
      "Huawei S9700 V200R007C00",
      "Huawei S5700 V200R009C00",
      "Huawei S6700 V200R009C00",
      "Huawei S7700 V200R009C00",
      "Huawei S9700 V200R008C00",
      "Huawei S12700 V200R009C00",
      "Huawei S12700 V200R007C01",
      "Huawei DP300 V500R002C00",
      "Huawei TE60 V100R001C01",
      "Huawei TE60 V100R001C10",
      "Huawei TE60 V500R002C00",
      "Huawei TE60 V600R006C00",
      "Huawei ViewPoint 9030 V100R011C03",
      "Huawei ViewPoint 9030 V100R011C02",
      "Huawei TP3206 V100R002C00",
      "Huawei TP3106 V100R002C00",
      "Huawei RP200 V500R002C00",
      "Huawei RP200 V600R006C00",
      "Huawei TE30 V100R001C02",
      "Huawei TE30 V100R001C10",
      "Huawei TE30 V500R002C00",
      "Huawei TE30 V600R006C00",
      "Huawei TE40 V500R002C00",
      "Huawei TE40 V600R006C00",
      "Huawei TE50 V500R002C00",
      "Huawei TE50 V600R006C00",
      "Huawei IPS Module V100R001C30",
      "Huawei NGFW Module V500R002C00",
      "Huawei NIP6300 V500R001C30",
      "Huawei NIP6600 V500R001C30",
      "Huawei Secospace USG6300 V100R001C30",
      "Huawei Secospace USG6500 V100R001C30",
      "Huawei USG9500 V500R001C00",
      "Huawei USG9500 V500R001C30",
      "Huawei TP3206 V100R002C10",
      "Huawei S1700 V100R006C00",
      "Huawei S2700 V200R007C00",
      "Huawei S2700 V200R008C00",
      "Huawei S5700 V200R006C00",
      "Huawei S5700 V200R008C00",
      "Huawei S12700 V200R010C00",
      "Huawei S1700 V200R009C00",
      "Huawei S1700 V200R010C00",
      "Huawei S2700 V200R006C10",
      "Huawei S2700 V200R009C00",
      "Huawei S2700 V200R010C00",
      "Huawei S5700 V200R010C00",
      "Huawei S6700 V200R010C00",
      "Huawei S7700 V200R010C00",
      "Huawei S9700 V200R007C01",
      "Huawei S9700 V200R010C00",
      "Huawei S9700 V200R009C00",
      "Huawei Secospace USG6600 V500R001C30S"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn",
  "serverity": "\u4e2d",
  "submitTime": "2017-12-08",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u7a7a\u6307\u9488\u8bbf\u95ee\u6f0f\u6d1e"
}

CVE-2017-17135 (GCVE-0-2017-17135)

Vulnerability from cvelistv5 – Published: 2018-03-05 19:00 – Updated: 2024-09-17 00:31

Summary

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service.

Severity ?

No CVSS data available.

CWE

null pointer reference

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030	Affected: DP300 V500R002C00 Affected: IPS Module V500R001C00 Affected: V500R001C30 Affected: NGFW Module V500R001C00 Affected: V500R002C00 Affected: NIP6300 V500R001C00 Affected: NIP6600 V500R001C00 Affected: RP200 V500R002C00 Affected: V600R006C00 Affected: S12700 V200R007C00 Affected: V200R007C01 Affected: V200R008C00 Affected: V200R009C00 Affected: V200R010C00 Affected: S1700 V200R006C10 Affected: S2700 V200R006C10 Affected: V200R007C00 Affected: S5700 V200R006C00 Affected: S6700 V200R008C00 Affected: S7700 V200R007C00 Affected: S9700 V200R007C00 Affected: Secospace USG6300 V500R001C00 Affected: Secospace USG6500 V500R001C00 Affected: Secospace USG6600 V500R001C00 Affected: V500R001C30S Affected: TE30 V100R001C02 Affected: V100R001C10 Affected: TE40 V500R002C00 Affected: TE50 V500R002C00 Affected: TE60 V100R001C01 Affected: TP3106 V100R002C00 Affected: TP3206 V100R002C00 Affected: V100R002C10 Affected: USG9500 V500R001C00 Affected: ViewPoint 9030 V100R011C02 Affected: V100R011C03

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:43:59.923Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "DP300 V500R002C00"
            },
            {
              "status": "affected",
              "version": "IPS Module V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R001C30"
            },
            {
              "status": "affected",
              "version": "NGFW Module V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R002C00"
            },
            {
              "status": "affected",
              "version": "NIP6300 V500R001C00"
            },
            {
              "status": "affected",
              "version": "NIP6600 V500R001C00"
            },
            {
              "status": "affected",
              "version": "RP200 V500R002C00"
            },
            {
              "status": "affected",
              "version": "V600R006C00"
            },
            {
              "status": "affected",
              "version": "S12700 V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R007C01"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            },
            {
              "status": "affected",
              "version": "S1700 V200R006C10"
            },
            {
              "status": "affected",
              "version": "S2700 V200R006C10"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "S5700 V200R006C00"
            },
            {
              "status": "affected",
              "version": "S6700 V200R008C00"
            },
            {
              "status": "affected",
              "version": "S7700 V200R007C00"
            },
            {
              "status": "affected",
              "version": "S9700 V200R007C00"
            },
            {
              "status": "affected",
              "version": "Secospace USG6300 V500R001C00"
            },
            {
              "status": "affected",
              "version": "Secospace USG6500 V500R001C00"
            },
            {
              "status": "affected",
              "version": "Secospace USG6600 V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R001C30S"
            },
            {
              "status": "affected",
              "version": "TE30 V100R001C02"
            },
            {
              "status": "affected",
              "version": "V100R001C10"
            },
            {
              "status": "affected",
              "version": "TE40 V500R002C00"
            },
            {
              "status": "affected",
              "version": "TE50 V500R002C00"
            },
            {
              "status": "affected",
              "version": "TE60 V100R001C01"
            },
            {
              "status": "affected",
              "version": "TP3106 V100R002C00"
            },
            {
              "status": "affected",
              "version": "TP3206 V100R002C00"
            },
            {
              "status": "affected",
              "version": "V100R002C10"
            },
            {
              "status": "affected",
              "version": "USG9500 V500R001C00"
            },
            {
              "status": "affected",
              "version": "ViewPoint 9030 V100R011C02"
            },
            {
              "status": "affected",
              "version": "V100R011C03"
            }
          ]
        }
      ],
      "datePublic": "2017-12-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "null pointer reference",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-05T18:57:02",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-12-06T00:00:00",
          "ID": "CVE-2017-17135",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "DP300 V500R002C00"
                          },
                          {
                            "version_value": "IPS Module V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "NGFW Module V500R001C00"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "NIP6300 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "NIP6600 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "RP200 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "S12700 V200R007C00"
                          },
                          {
                            "version_value": "V200R007C01"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S1700 V200R006C10"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S2700 V200R006C10"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S5700 V200R006C00"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S6700 V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S7700 V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S9700 V200R007C00"
                          },
                          {
                            "version_value": "V200R007C01"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "Secospace USG6300 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "Secospace USG6500 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "Secospace USG6600 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30S"
                          },
                          {
                            "version_value": "TE30 V100R001C02"
                          },
                          {
                            "version_value": "V100R001C10"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE40 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE50 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE60 V100R001C01"
                          },
                          {
                            "version_value": "V100R001C10"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TP3106 V100R002C00"
                          },
                          {
                            "version_value": "TP3206 V100R002C00"
                          },
                          {
                            "version_value": "V100R002C10"
                          },
                          {
                            "version_value": "USG9500 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "ViewPoint 9030 V100R011C02"
                          },
                          {
                            "version_value": "V100R011C03"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a null pointer reference vulnerability due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter which could cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "null pointer reference"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-17135",
    "datePublished": "2018-03-05T19:00:00Z",
    "dateReserved": "2017-12-04T00:00:00",
    "dateUpdated": "2024-09-17T00:31:13.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2017-38288

CVE-2017-17135 (GCVE-0-2017-17135)

Tags

Sightings

Nomenclature