7.8
CVE-2017-17300
- EPSS 0.42%
- Veröffentlicht 15.02.2018 16:29:03
- Zuletzt bearbeitet 21.11.2024 03:17:47
- Quelle psirt@huawei.com
- Teams Watchlist Login
- Unerledigt Login
Huawei S12700 V200R008C00, V200R009C00, S5700 V200R007C00, V200R008C00, V200R009C00, S6700 V200R008C00, V200R009C00, S7700 V200R008C00, V200R009C00, S9700 V200R008C00, V200R009C00 have a numeric errors vulnerability. An unauthenticated, remote attacker may send specific TCP messages with keychain authentication option to the affected products. Due to the improper validation of the messages, it will cause numeric errors when handling the messages. Successful exploit will cause the affected products to reset.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Huawei ≫ S12700 Firmware Versionv200r008c00
Huawei ≫ S12700 Firmware Versionv200r009c00
Huawei ≫ S5700 Firmware Versionv200r007c00
Huawei ≫ S5700 Firmware Versionv200r008c00
Huawei ≫ S5700 Firmware Versionv200r009c00
Huawei ≫ S6700 Firmware Versionv200r008c00
Huawei ≫ S6700 Firmware Versionv200r009c00
Huawei ≫ S7700 Firmware Versionv200r008c00
Huawei ≫ S7700 Firmware Versionv200r009c00
Huawei ≫ S9700 Firmware Versionv200r008c00
Huawei ≫ S9700 Firmware Versionv200r009c00
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.59 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.