5.5

CVE-2017-17136

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a heap overflow vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HuaweiDp300 Firmware Versionv500r002c00
   HuaweiDp300 Version-
HuaweiIps Module Firmware Versionv500r001c00
   HuaweiIps Module Version-
HuaweiIps Module Firmware Versionv500r001c30
   HuaweiIps Module Version-
HuaweiNgfw Module Firmware Versionv500r001c00
   HuaweiNgfw Module Version-
HuaweiNgfw Module Firmware Versionv500r002c00
   HuaweiNgfw Module Version-
HuaweiNip6300 Firmware Versionv500r001c00
   HuaweiNip6300 Version-
HuaweiNip6300 Firmware Versionv500r001c30
   HuaweiNip6300 Version-
HuaweiNip6600 Firmware Versionv500r001c00
   HuaweiNip6600 Version-
HuaweiNip6600 Firmware Versionv500r001c30
   HuaweiNip6600 Version-
HuaweiRp200 Firmware Versionv500r002c00
   HuaweiRp200 Version-
HuaweiRp200 Firmware Versionv600r006c00
   HuaweiRp200 Version-
HuaweiS12700 Firmware Versionv200r007c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r007c01
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r008c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r009c00
   HuaweiS12700 Version-
HuaweiS12700 Firmware Versionv200r010c00
   HuaweiS12700 Version-
HuaweiS1700 Firmware Versionv200r006c10
   HuaweiS1700 Version-
HuaweiS1700 Firmware Versionv200r009c00
   HuaweiS1700 Version-
HuaweiS1700 Firmware Versionv200r010c00
   HuaweiS1700 Version-
HuaweiS2700 Firmware Versionv200r006c10
   HuaweiS2700 Version-
HuaweiS2700 Firmware Versionv200r007c00
   HuaweiS2700 Version-
HuaweiS2700 Firmware Versionv200r008c00
   HuaweiS2700 Version-
HuaweiS2700 Firmware Versionv200r009c00
   HuaweiS2700 Version-
HuaweiS2700 Firmware Versionv200r010c00
   HuaweiS2700 Version-
HuaweiS5700 Firmware Versionv200r006c00
   HuaweiS5700 Version-
HuaweiS5700 Firmware Versionv200r007c00
   HuaweiS5700 Version-
HuaweiS5700 Firmware Versionv200r008c00
   HuaweiS5700 Version-
HuaweiS5700 Firmware Versionv200r009c00
   HuaweiS5700 Version-
HuaweiS5700 Firmware Versionv200r010c00
   HuaweiS5700 Version-
HuaweiS6700 Firmware Versionv200r008c00
   HuaweiS6700 Version-
HuaweiS6700 Firmware Versionv200r009c00
   HuaweiS6700 Version-
HuaweiS6700 Firmware Versionv200r010c00
   HuaweiS6700 Version-
HuaweiS7700 Firmware Versionv200r007c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r008c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r009c00
   HuaweiS7700 Version-
HuaweiS7700 Firmware Versionv200r010c00
   HuaweiS7700 Version-
HuaweiS9700 Firmware Versionv200r007c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r007c01
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r008c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r009c00
   HuaweiS9700 Version-
HuaweiS9700 Firmware Versionv200r010c00
   HuaweiS9700 Version-
HuaweiSecospace Usg6300 Firmware Versionv500r001c00
   HuaweiSecospace Usg6300 Version-
HuaweiSecospace Usg6300 Firmware Versionv500r001c30
   HuaweiSecospace Usg6300 Version-
HuaweiSecospace Usg6500 Firmware Versionv500r001c00
   HuaweiSecospace Usg6500 Version-
HuaweiSecospace Usg6500 Firmware Versionv500r001c30
   HuaweiSecospace Usg6500 Version-
HuaweiSecospace Usg6600 Firmware Versionv500r001c00
   HuaweiSecospace Usg6600 Version-
HuaweiSecospace Usg6600 Firmware Versionv500r001c30s
   HuaweiSecospace Usg6600 Version-
HuaweiTe30 Firmware Versionv100r001c02
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv100r001c10
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv500r002c00
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv600r006c00
   HuaweiTe30 Version-
HuaweiTe40 Firmware Versionv500r002c00
   HuaweiTe40 Version-
HuaweiTe40 Firmware Versionv600r006c00
   HuaweiTe40 Version-
HuaweiTe50 Firmware Versionv500r002c00
   HuaweiTe50 Version-
HuaweiTe50 Firmware Versionv600r006c00
   HuaweiTe50 Version-
HuaweiTe60 Firmware Versionv100r001c02
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv100r001c10
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv500r002c00
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv600r006c00
   HuaweiTe60 Version-
HuaweiTp3106 Firmware Versionv100r002c00
   HuaweiTp3106 Version-
HuaweiTp3206 Firmware Versionv100r002c00
   HuaweiTp3206 Version-
HuaweiTp3206 Firmware Versionv100r002c10
   HuaweiTp3206 Version-
HuaweiUsg9500 Firmware Versionv500r001c00
   HuaweiUsg9500 Version-
HuaweiUsg9500 Firmware Versionv500r001c30
   HuaweiUsg9500 Version-
HuaweiViewpoint 9030 Firmware Versionv100r011c02
   HuaweiViewpoint 9030 Version-
HuaweiViewpoint 9030 Firmware Versionv100r011c03
   HuaweiViewpoint 9030 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.018
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.