CVE-2017-17160

EPSS 0.27%
Veröffentlicht 15.02.2018 16:29:02
Zuletzt bearbeitet 21.11.2024 03:17:36
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Ar120-s Firmware Versionv200r006c10

Huawei ≫ Ar120-s Version-

Huawei ≫ Ar120-s Firmware Versionv200r007c00

Huawei ≫ Ar120-s Version-

Huawei ≫ Ar1200 Firmware Versionv200r006c10

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r006c13

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r007c00

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r007c02

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200-s Firmware Versionv200r006c10

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar1200-s Firmware Versionv200r007c00

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar1200-s Firmware Versionv200r008c20

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar150 Firmware Versionv200r006c10

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150 Firmware Versionv200r007c00

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150 Firmware Versionv200r007c02

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150-s Firmware Versionv200r006c10

Huawei ≫ Ar150-s Version-

Huawei ≫ Ar150-s Firmware Versionv200r007c00

Huawei ≫ Ar150-s Version-

Huawei ≫ Ar160 Firmware Versionv200r006c10

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r006c12

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r007c00

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r007c02

Huawei ≫ Ar160 Version-

Huawei ≫ Ar200 Firmware Versionv200r006c10

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200 Firmware Versionv200r007c00

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200-s Firmware Versionv200r006c10

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar200-s Firmware Versionv200r007c00

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar2200 Firmware Versionv200r006c10

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r006c13

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r006c16pwe

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r007c00

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200-s Firmware Versionv200r006c10

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar2200-s Firmware Versionv200r007c00

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar2200-s Firmware Versionv200r008c20

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar3200 Firmware Versionv200r006c10

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r006c11

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r007c00

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r007c02

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3600 Firmware Versionv200r006c10

Huawei ≫ Ar3600 Version-

Huawei ≫ Ar3600 Firmware Versionv200r007c00

Huawei ≫ Ar3600 Version-

Huawei ≫ Ar510 Firmware Versionv200r006c12

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r006c13

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r006c15

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r006c16

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r006c17

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r007c00

Huawei ≫ Ar510 Version-

Huawei ≫ Netengine16ex Firmware Versionv200r006c10

Huawei ≫ Netengine16ex Version-

Huawei ≫ Netengine16ex Firmware Versionv200r007c00

Huawei ≫ Netengine16ex Version-

Huawei ≫ Srg1300 Firmware Versionv200r006c10

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg1300 Firmware Versionv200r007c00

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg1300 Firmware Versionv200r007c02

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r006c10

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r007c00

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r007c02

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg3300 Firmware Versionv200r006c10

Huawei ≫ Srg3300 Version-

Huawei ≫ Srg3300 Firmware Versionv200r007c00

Huawei ≫ Srg3300 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.27%	0.47

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	7.1	8.6	6.9	AV:N/AC:M/Au:N/C:N/I:N/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ike-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-17160

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-17160

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-17160

EUVD