cve-2017-17317
Vulnerability from cvelistv5
Published
2018-07-02 13:00
Modified
2024-08-05 20:51
Severity ?
Summary
Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.
References
psirt@huawei.comhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-enVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-enVendor Advisory
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:51:30.748Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "USG6300 V100R001C10"
            },
            {
              "status": "affected",
              "version": "V100R001C20"
            },
            {
              "status": "affected",
              "version": "V100R001C30"
            },
            {
              "status": "affected",
              "version": "V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R001C20"
            },
            {
              "status": "affected",
              "version": "V500R001C30"
            },
            {
              "status": "affected",
              "version": "V500R001C50"
            },
            {
              "status": "affected",
              "version": "Secospace USG6500 V100R001C10"
            },
            {
              "status": "affected",
              "version": "Secospace USG6600 V100R001C00"
            },
            {
              "status": "affected",
              "version": "TE30 V100R001C02"
            },
            {
              "status": "affected",
              "version": "V100R001C10"
            },
            {
              "status": "affected",
              "version": "V500R002C00"
            },
            {
              "status": "affected",
              "version": "V600R006C00"
            },
            {
              "status": "affected",
              "version": "TE40 V500R002C00"
            },
            {
              "status": "affected",
              "version": "TE50 V500R002C00"
            },
            {
              "status": "affected",
              "version": "TE60 V100R001C01"
            }
          ]
        }
      ],
      "datePublic": "2018-06-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "buffer overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-07-02T12:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "ID": "CVE-2017-17317",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DP300; IPS Module; NGFW Module; RP200; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "USG6300 V100R001C10"
                          },
                          {
                            "version_value": "V100R001C20"
                          },
                          {
                            "version_value": "V100R001C30"
                          },
                          {
                            "version_value": "V500R001C00"
                          },
                          {
                            "version_value": "V500R001C20"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "V500R001C50"
                          },
                          {
                            "version_value": "Secospace USG6500 V100R001C10"
                          },
                          {
                            "version_value": "V100R001C20"
                          },
                          {
                            "version_value": "V100R001C30"
                          },
                          {
                            "version_value": "V500R001C00"
                          },
                          {
                            "version_value": "V500R001C20"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "V500R001C50"
                          },
                          {
                            "version_value": "Secospace USG6600 V100R001C00"
                          },
                          {
                            "version_value": "V100R001C20"
                          },
                          {
                            "version_value": "V100R001C30"
                          },
                          {
                            "version_value": "V500R001C00"
                          },
                          {
                            "version_value": "V500R001C20"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "V500R001C50"
                          },
                          {
                            "version_value": "TE30 V100R001C02"
                          },
                          {
                            "version_value": "V100R001C10"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE40 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE50 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE60 V100R001C01"
                          },
                          {
                            "version_value": "V100R001C10"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "buffer overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en",
              "refsource": "CONFIRM",
              "url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-17317",
    "datePublished": "2018-07-02T13:00:00",
    "dateReserved": "2017-12-04T00:00:00",
    "dateUpdated": "2024-08-05T20:51:30.748Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8871106B-D3AF-4CFB-A544-1FA411642428\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F3483B2-9EB6-4E34-900A-945C04A3160D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67731A77-1DD4-49B2-B437-2850C9583750\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98275088-2FBE-42F4-AAEC-DF02950B803D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"686651A5-6F2F-4AF3-9B96-FF5905F2303A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA3EF476-42D7-4758-8DCB-373F46BF1CF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DEA387B-4F45-438F-8086-6E80B553163C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"018039EB-7265-4B71-B462-4734FD1D0503\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDD87254-ABAD-4DFF-BC0D-2CF030063D6F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"931FD3B3-A333-4277-AE55-494F5DB9F09F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45C3AF58-E030-4E12-A2FD-A4337A5021ED\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DF7A4D51-314B-4A77-86A7-9C5237BC4275\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A70F8924-DC80-4D6F-BA3E-DBFE32FED788\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4F188B3-0A63-4704-9B0D-F8DF5D973FA5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6EACB9-6832-4B2A-9C5B-C1E2747D6359\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"092C9FAF-8892-4E16-9C0E-BB1E3488C6C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01BC9042-0485-437F-811F-F8898B3B7EA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4A29049D-F472-4772-8750-20730DA624E9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"999117E9-90C8-4E76-90B5-7D364C0B84BF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.\"}, {\"lang\": \"es\", \"value\": \"El m\\u00f3dulo COPS (Common Open Policy Service Protocol) en dispositivos Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00 y V600R006C00 tiene una vulnerabilidad de desbordamiento de b\\u00fafer. Un atacante remoto no autenticado debe controlar el dispositivo del mismo nivel y enviar mensajes especialmente manipulados a los productos afectados. Dada la validaci\\u00f3n de entradas insuficiente, su explotaci\\u00f3n con \\u00e9xito podr\\u00eda provocar el funcionamiento err\\u00f3neo de algunos servicios.\"}]",
      "id": "CVE-2017-17317",
      "lastModified": "2024-11-21T03:17:49.513",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-07-02T13:29:00.317",
      "references": "[{\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en\", \"source\": \"psirt@huawei.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "psirt@huawei.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-17317\",\"sourceIdentifier\":\"psirt@huawei.com\",\"published\":\"2018-07-02T13:29:00.317\",\"lastModified\":\"2024-11-21T03:17:49.513\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.\"},{\"lang\":\"es\",\"value\":\"El m\u00f3dulo COPS (Common Open Policy Service Protocol) en dispositivos Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00 y V600R006C00 tiene una vulnerabilidad de desbordamiento de b\u00fafer. Un atacante remoto no autenticado debe controlar el dispositivo del mismo nivel y enviar mensajes especialmente manipulados a los productos afectados. Dada la validaci\u00f3n de entradas insuficiente, su explotaci\u00f3n con \u00e9xito podr\u00eda provocar el funcionamiento err\u00f3neo de algunos servicios.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8871106B-D3AF-4CFB-A544-1FA411642428\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F3483B2-9EB6-4E34-900A-945C04A3160D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16C1ED34-BC94-4AAC-ADF4-5FCD637E5B4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67731A77-1DD4-49B2-B437-2850C9583750\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98275088-2FBE-42F4-AAEC-DF02950B803D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"686651A5-6F2F-4AF3-9B96-FF5905F2303A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA3EF476-42D7-4758-8DCB-373F46BF1CF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DEA387B-4F45-438F-8086-6E80B553163C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"018039EB-7265-4B71-B462-4734FD1D0503\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1146F99B-5344-4CD3-AF3F-CD3FE6F6DD91\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDD87254-ABAD-4DFF-BC0D-2CF030063D6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"931FD3B3-A333-4277-AE55-494F5DB9F09F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45C3AF58-E030-4E12-A2FD-A4337A5021ED\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF7A4D51-314B-4A77-86A7-9C5237BC4275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A70F8924-DC80-4D6F-BA3E-DBFE32FED788\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4F188B3-0A63-4704-9B0D-F8DF5D973FA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r001c01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6EACB9-6832-4B2A-9C5B-C1E2747D6359\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092C9FAF-8892-4E16-9C0E-BB1E3488C6C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01BC9042-0485-437F-811F-F8898B3B7EA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A29049D-F472-4772-8750-20730DA624E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"999117E9-90C8-4E76-90B5-7D364C0B84BF\"}]}]}],\"references\":[{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en\",\"source\":\"psirt@huawei.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180630-01-cops-en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.