cnvd - cnvd-2018-12785

CNVD-2018-12785

Vulnerability from cnvd - Published: 2018-07-10

Title

多款Huawei产品弱算法漏洞

Description

Huawei eSpace U1981等都是中国华为（Huawei）公司的产品。eSpace U1981是一款语音网关产品。 VP9660是多媒体交换平台。多款Huawei产品存在一个弱加密算法漏洞。利用漏洞，一个未经过认证的远程攻击者需要抓取客户端和服务端的TLS报文。由于在RSA密钥交换过程可能发起Bleichenbacher攻击，攻击者可以通过密码分析方法解密会话密钥以及前面抓取的会话。成功利用这个漏洞可能导致部分信息泄露。

Severity

中

Patch Name

多款Huawei产品弱算法漏洞的补丁

Patch Description

Formal description

华为已发布版本修复该漏洞，安全预警链接： http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180703-01-algorithm-cn

Reference

https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180703-01-algorithm-cn

Impacted products

Name
['Huawei eSpace U1981 V200R003C30', 'Huawei eSpace U1981 V100R001C20', 'Huawei RSE6500 V500R002C00', 'Huawei eSpace U1981 V200R003C20', 'Huawei eSpace U1981 V200R003C50', 'Huawei VP9660 V600R006C10', 'Huawei SoftCo V200R003C20SPCb00']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-17174"
    }
  },
  "description": "Huawei eSpace U1981\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002eSpace U1981\u662f\u4e00\u6b3e\u8bed\u97f3\u7f51\u5173\u4ea7\u54c1\u3002 VP9660\u662f\u591a\u5a92\u4f53\u4ea4\u6362\u5e73\u53f0\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u5b58\u5728\u4e00\u4e2a\u5f31\u52a0\u5bc6\u7b97\u6cd5\u6f0f\u6d1e\u3002\u5229\u7528\u6f0f\u6d1e\uff0c\u4e00\u4e2a\u672a\u7ecf\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u9700\u8981\u6293\u53d6\u5ba2\u6237\u7aef\u548c\u670d\u52a1\u7aef\u7684TLS\u62a5\u6587\u3002\u7531\u4e8e\u5728RSA\u5bc6\u94a5\u4ea4\u6362\u8fc7\u7a0b\u53ef\u80fd\u53d1\u8d77Bleichenbacher\u653b\u51fb\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u5bc6\u7801\u5206\u6790\u65b9\u6cd5\u89e3\u5bc6\u4f1a\u8bdd\u5bc6\u94a5\u4ee5\u53ca\u524d\u9762\u6293\u53d6\u7684\u4f1a\u8bdd\u3002\u6210\u529f\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u53ef\u80fd\u5bfc\u81f4\u90e8\u5206\u4fe1\u606f\u6cc4\u9732\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u534e\u4e3a\u5df2\u53d1\u5e03\u7248\u672c\u4fee\u590d\u8be5\u6f0f\u6d1e\uff0c\u5b89\u5168\u9884\u8b66\u94fe\u63a5\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180703-01-algorithm-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-12785",
  "openTime": "2018-07-10",
  "patchDescription": "Huawei eSpace U1981\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002eSpace U1981\u662f\u4e00\u6b3e\u8bed\u97f3\u7f51\u5173\u4ea7\u54c1\u3002 VP9660\u662f\u591a\u5a92\u4f53\u4ea4\u6362\u5e73\u53f0\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u5b58\u5728\u4e00\u4e2a\u5f31\u52a0\u5bc6\u7b97\u6cd5\u6f0f\u6d1e\u3002\u5229\u7528\u6f0f\u6d1e\uff0c\u4e00\u4e2a\u672a\u7ecf\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u653b\u51fb\u8005\u9700\u8981\u6293\u53d6\u5ba2\u6237\u7aef\u548c\u670d\u52a1\u7aef\u7684TLS\u62a5\u6587\u3002\u7531\u4e8e\u5728RSA\u5bc6\u94a5\u4ea4\u6362\u8fc7\u7a0b\u53ef\u80fd\u53d1\u8d77Bleichenbacher\u653b\u51fb\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u5bc6\u7801\u5206\u6790\u65b9\u6cd5\u89e3\u5bc6\u4f1a\u8bdd\u5bc6\u94a5\u4ee5\u53ca\u524d\u9762\u6293\u53d6\u7684\u4f1a\u8bdd\u3002\u6210\u529f\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u53ef\u80fd\u5bfc\u81f4\u90e8\u5206\u4fe1\u606f\u6cc4\u9732\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1\u5f31\u7b97\u6cd5\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei eSpace U1981 V200R003C30",
      "Huawei eSpace U1981 V100R001C20",
      "Huawei RSE6500 V500R002C00",
      "Huawei eSpace U1981 V200R003C20",
      "Huawei eSpace U1981 V200R003C50",
      "Huawei VP9660 V600R006C10",
      "Huawei SoftCo V200R003C20SPCb00"
    ]
  },
  "referenceLink": "https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20180703-01-algorithm-cn",
  "serverity": "\u4e2d",
  "submitTime": "2018-07-10",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1\u5f31\u7b97\u6cd5\u6f0f\u6d1e"
}

CVE-2017-17174 (GCVE-0-2017-17174)

Vulnerability from cvelistv5 – Published: 2018-07-31 14:00 – Updated: 2024-08-05 20:43

Summary

Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients and the affected products. The attacker may launch the Bleichenbacher attack on RSA key exchange to decrypt the session key and the previously captured sessions by some cryptanalytic operations. Successful exploit may cause information leak.

Severity ?

No CVSS data available.

CWE

weak algorithm

Assigner

huawei

References

URL

Tags

http://www.huawei.com/en/psirt/security-advisorie…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	RSE6500; SoftCo; VP9660; eSpace U1981	Affected: RSE6500 V500R002C00 Affected: SoftCo V200R003C20SPCb00 Affected: VP9660 V600R006C10 Affected: eSpace U1981 V100R001C20 Affected: V200R003C20 Affected: V200R003C30 Affected: V200R003C50

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:43:59.774Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180703-01-algorithm-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RSE6500; SoftCo; VP9660; eSpace U1981",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "RSE6500 V500R002C00"
            },
            {
              "status": "affected",
              "version": "SoftCo V200R003C20SPCb00"
            },
            {
              "status": "affected",
              "version": "VP9660 V600R006C10"
            },
            {
              "status": "affected",
              "version": "eSpace U1981 V100R001C20"
            },
            {
              "status": "affected",
              "version": "V200R003C20"
            },
            {
              "status": "affected",
              "version": "V200R003C30"
            },
            {
              "status": "affected",
              "version": "V200R003C50"
            }
          ]
        }
      ],
      "datePublic": "2018-07-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients and the affected products. The attacker may launch the Bleichenbacher attack on RSA key exchange to decrypt the session key and the previously captured sessions by some cryptanalytic operations. Successful exploit may cause information leak."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "weak algorithm",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-31T13:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180703-01-algorithm-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-17174",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "RSE6500; SoftCo; VP9660; eSpace U1981",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "RSE6500 V500R002C00"
                          },
                          {
                            "version_value": "SoftCo V200R003C20SPCb00"
                          },
                          {
                            "version_value": "VP9660 V600R006C10"
                          },
                          {
                            "version_value": "eSpace U1981 V100R001C20"
                          },
                          {
                            "version_value": "V200R003C20"
                          },
                          {
                            "version_value": "V200R003C30"
                          },
                          {
                            "version_value": "V200R003C50"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients and the affected products. The attacker may launch the Bleichenbacher attack on RSA key exchange to decrypt the session key and the previously captured sessions by some cryptanalytic operations. Successful exploit may cause information leak."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "weak algorithm"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180703-01-algorithm-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180703-01-algorithm-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-17174",
    "datePublished": "2018-07-31T14:00:00",
    "dateReserved": "2017-12-04T00:00:00",
    "dateUpdated": "2024-08-05T20:43:59.774Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-12785

CVE-2017-17174 (GCVE-0-2017-17174)

Tags

Sightings

Nomenclature