5.3

CVE-2017-17298

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30, DP300 V500R002C00, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RP200 V500R002C00, V600R006C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, ViewPoint 9030 V100R011C02, V100R011C03 have a buffer overflow vulnerability. An unauthenticated, remote attacker may send specially crafted certificates to the affected products. Due to insufficient validation of the certificates, successful exploit may cause buffer overflow and some service abnormal.

Data is provided by the National Vulnerability Database (NVD)
HuaweiAr120-s Firmware Versionv200r006c10
   HuaweiAr120-s Version-
HuaweiAr120-s Firmware Versionv200r007c00
   HuaweiAr120-s Version-
HuaweiAr120-s Firmware Versionv200r008c20
   HuaweiAr120-s Version-
HuaweiAr120-s Firmware Versionv200r008c30
   HuaweiAr120-s Version-
HuaweiAr1200 Firmware Versionv200r006c10
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r006c13
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c00
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c01
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r007c02
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r008c20
   HuaweiAr1200 Version-
HuaweiAr1200 Firmware Versionv200r008c30
   HuaweiAr1200 Version-
HuaweiAr1200-s Firmware Versionv200r006c10
   HuaweiAr1200-s Version-
HuaweiAr1200-s Firmware Versionv200r007c00
   HuaweiAr1200-s Version-
HuaweiAr1200-s Firmware Versionv200r008c20
   HuaweiAr1200-s Version-
HuaweiAr1200-s Firmware Versionv200r008c30
   HuaweiAr1200-s Version-
HuaweiAr150 Firmware Versionv200r006c10
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c00
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c01
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r007c02
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r008c20
   HuaweiAr150 Version-
HuaweiAr150 Firmware Versionv200r008c30
   HuaweiAr150 Version-
HuaweiAr150-s Firmware Versionv200r006c10
   HuaweiAr150-s Version-
HuaweiAr150-s Firmware Versionv200r007c00
   HuaweiAr150-s Version-
HuaweiAr150-s Firmware Versionv200r008c20
   HuaweiAr150-s Version-
HuaweiAr150-s Firmware Versionv200r008c30
   HuaweiAr150-s Version-
HuaweiAr160 Firmware Versionv200r006c10
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r006c12
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c00
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c01
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r007c02
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r008c20
   HuaweiAr160 Version-
HuaweiAr160 Firmware Versionv200r008c30
   HuaweiAr160 Version-
HuaweiAr200 Firmware Versionv200r006c10
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r007c00
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r007c01
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r008c20
   HuaweiAr200 Version-
HuaweiAr200 Firmware Versionv200r008c30
   HuaweiAr200 Version-
HuaweiAr200-s Firmware Versionv200r006c10
   HuaweiAr200-s Version-
HuaweiAr200-s Firmware Versionv200r007c00
   HuaweiAr200-s Version-
HuaweiAr200-s Firmware Versionv200r008c20
   HuaweiAr200-s Version-
HuaweiAr200-s Firmware Versionv200r008c30
   HuaweiAr200-s Version-
HuaweiAr2200 Firmware Versionv200r006c10
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r006c13
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r006c16
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c00
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c01
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r007c02
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r008c20
   HuaweiAr2200 Version-
HuaweiAr2200 Firmware Versionv200r008c30
   HuaweiAr2200 Version-
HuaweiAr2200-s Firmware Versionv200r006c10
   HuaweiAr2200-s Version-
HuaweiAr2200-s Firmware Versionv200r007c00
   HuaweiAr2200-s Version-
HuaweiAr2200-s Firmware Versionv200r008c20
   HuaweiAr2200-s Version-
HuaweiAr2200-s Firmware Versionv200r008c30
   HuaweiAr2200-s Version-
HuaweiAr3200 Firmware Versionv200r006c10
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r006c11
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c00
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c01
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r007c02
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r008c00
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r008c10
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r008c20
   HuaweiAr3200 Version-
HuaweiAr3200 Firmware Versionv200r008c30
   HuaweiAr3200 Version-
HuaweiAr3600 Firmware Versionv200r006c10
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r007c00
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r007c01
   HuaweiAr3600 Version-
HuaweiAr3600 Firmware Versionv200r008c20
   HuaweiAr3600 Version-
HuaweiAr510 Firmware Versionv200r006c10
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r006c12
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r006c13
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r006c15
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r006c16
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r006c17
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r007c00
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r008c20
   HuaweiAr510 Version-
HuaweiAr510 Firmware Versionv200r008c30
   HuaweiAr510 Version-
HuaweiDp300 Firmware Versionv500r002c00
   HuaweiDp300 Version-
HuaweiNetengine16ex Firmware Versionv200r006c10
   HuaweiNetengine16ex Version-
HuaweiNetengine16ex Firmware Versionv200r007c00
   HuaweiNetengine16ex Version-
HuaweiNetengine16ex Firmware Versionv200r008c20
   HuaweiNetengine16ex Version-
HuaweiNetengine16ex Firmware Versionv200r008c30
   HuaweiNetengine16ex Version-
HuaweiRp200 Firmware Versionv500r002c00
   HuaweiRp200 Version-
HuaweiRp200 Firmware Versionv600r006c00
   HuaweiRp200 Version-
HuaweiSrg1300 Firmware Versionv200r006c10
   HuaweiSrg1300 Version-
HuaweiSrg1300 Firmware Versionv200r007c00
   HuaweiSrg1300 Version-
HuaweiSrg1300 Firmware Versionv200r007c02
   HuaweiSrg1300 Version-
HuaweiSrg1300 Firmware Versionv200r008c20
   HuaweiSrg1300 Version-
HuaweiSrg1300 Firmware Versionv200r008c30
   HuaweiSrg1300 Version-
HuaweiSrg2300 Firmware Versionv200r006c10
   HuaweiSrg2300 Version-
HuaweiSrg2300 Firmware Versionv200r007c00
   HuaweiSrg2300 Version-
HuaweiSrg2300 Firmware Versionv200r007c02
   HuaweiSrg2300 Version-
HuaweiSrg2300 Firmware Versionv200r008c20
   HuaweiSrg2300 Version-
HuaweiSrg2300 Firmware Versionv200r008c30
   HuaweiSrg2300 Version-
HuaweiSrg3300 Firmware Versionv200r006c10
   HuaweiSrg3300 Version-
HuaweiSrg3300 Firmware Versionv200r007c00
   HuaweiSrg3300 Version-
HuaweiSrg3300 Firmware Versionv200r008c20
   HuaweiSrg3300 Version-
HuaweiSrg3300 Firmware Versionv200r008c30
   HuaweiSrg3300 Version-
HuaweiTe30 Firmware Versionv100r001c02
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv100r001c10
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv500r002c00
   HuaweiTe30 Version-
HuaweiTe30 Firmware Versionv600r006c00
   HuaweiTe30 Version-
HuaweiTe40 Firmware Versionv500r002c00
   HuaweiTe40 Version-
HuaweiTe40 Firmware Versionv600r006c00
   HuaweiTe40 Version-
HuaweiTe50 Firmware Versionv500r002c00
   HuaweiTe50 Version-
HuaweiTe50 Firmware Versionv600r006c00
   HuaweiTe50 Version-
HuaweiTe60 Firmware Versionv100r001c01
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv100r001c10
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv500r002c00
   HuaweiTe60 Version-
HuaweiTe60 Firmware Versionv600r006c00
   HuaweiTe60 Version-
HuaweiTp3106 Firmware Versionv100r002c00
   HuaweiTp3106 Version-
HuaweiTp3206 Firmware Versionv100r002c00
   HuaweiTp3206 Version-
HuaweiTp3206 Firmware Versionv100r002c10
   HuaweiTp3206 Version-
HuaweiViewpoint 9030 Firmware Versionv100r011c02
   HuaweiViewpoint 9030 Version-
HuaweiViewpoint 9030 Firmware Versionv100r011c03
   HuaweiViewpoint 9030 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.12% 0.275
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.