9.8

CVE-2017-17301

EPSS 0.21%
Veröffentlicht 15.02.2018 16:29:03
Zuletzt bearbeitet 21.11.2024 03:17:47
Quelle psirt@huawei.com
Teams Watchlist Login
Unerledigt Login

Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Huawei ≫ Ar120-s Firmware Versionv200r005c32

Huawei ≫ Ar120-s Version-

Huawei ≫ Ar120-s Firmware Versionv200r006c10

Huawei ≫ Ar120-s Version-

Huawei ≫ Ar120-s Firmware Versionv200r007c00

Huawei ≫ Ar120-s Version-

Huawei ≫ Ar120-s Firmware Versionv200r008c20

Huawei ≫ Ar120-s Version-

Huawei ≫ Ar1200 Firmware Versionv200r005c20

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r005c32

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r006c10

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r007c00

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r007c01

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r007c02

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200 Firmware Versionv200r008c20

Huawei ≫ Ar1200 Version-

Huawei ≫ Ar1200-s Firmware Versionv200r005c32

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar1200-s Firmware Versionv200r006c10

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar1200-s Firmware Versionv200r007c00

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar1200-s Firmware Versionv200r008c20

Huawei ≫ Ar1200-s Version-

Huawei ≫ Ar150 Firmware Versionv200r006c10

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150 Firmware Versionv200r007c00

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150 Firmware Versionv200r007c01

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150 Firmware Versionv200r007c02

Huawei ≫ Ar150 Version-

Huawei ≫ Ar150 Firmware Versionv200r008c20

Huawei ≫ Ar150 Version-

Huawei ≫ Ar160 Firmware Versionv200r005c32

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r006c10

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r007c00

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r007c01

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r007c02

Huawei ≫ Ar160 Version-

Huawei ≫ Ar160 Firmware Versionv200r008c20

Huawei ≫ Ar160 Version-

Huawei ≫ Ar200 Firmware Versionv200r005c32

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200 Firmware Versionv200r006c10

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200 Firmware Versionv200r007c00

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200 Firmware Versionv200r007c01

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200 Firmware Versionv200r008c20

Huawei ≫ Ar200 Version-

Huawei ≫ Ar200-s Firmware Versionv200r005c32

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar200-s Firmware Versionv200r006c10

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar200-s Firmware Versionv200r007c00

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar200-s Firmware Versionv200r007c01

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar200-s Firmware Versionv200r008c20

Huawei ≫ Ar200-s Version-

Huawei ≫ Ar2200 Firmware Versionv200r005c20

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r005c32

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r006c10

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r007c00

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r007c01

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r007c02

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200 Firmware Versionv200r008c20

Huawei ≫ Ar2200 Version-

Huawei ≫ Ar2200-s Firmware Versionv200r005c32

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar2200-s Firmware Versionv200r006c10

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar2200-s Firmware Versionv200r007c00

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar2200-s Firmware Versionv200r008c20

Huawei ≫ Ar2200-s Version-

Huawei ≫ Ar3200 Firmware Versionv200r005c32

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r006c10

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r006c11

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r007c00

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r007c01

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r007c02

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r008c00

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r008c10

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r008c20

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3200 Firmware Versionv200r008c30

Huawei ≫ Ar3200 Version-

Huawei ≫ Ar3600 Firmware Versionv200r006c10

Huawei ≫ Ar3600 Version-

Huawei ≫ Ar3600 Firmware Versionv200r007c00

Huawei ≫ Ar3600 Version-

Huawei ≫ Ar3600 Firmware Versionv200r007c01

Huawei ≫ Ar3600 Version-

Huawei ≫ Ar3600 Firmware Versionv200r008c20

Huawei ≫ Ar3600 Version-

Huawei ≫ Ar510 Firmware Versionv200r005c32

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r006c10

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r007c00

Huawei ≫ Ar510 Version-

Huawei ≫ Ar510 Firmware Versionv200r008c20

Huawei ≫ Ar510 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r003c10

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 12800 Firmware Versionv200r001c00

Huawei ≫ Cloudengine 12800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r003c10

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 5800 Firmware Versionv200r001c00

Huawei ≫ Cloudengine 5800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r003c10

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 6800 Firmware Versionv200r001c00

Huawei ≫ Cloudengine 6800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r003c00

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r003c10

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r005c00

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r005c10

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv100r006c00

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Cloudengine 7800 Firmware Versionv200r001c00

Huawei ≫ Cloudengine 7800 Version-

Huawei ≫ Dp300 Firmware Versionv500r002c00

Huawei ≫ Dp300 Version-

Huawei ≫ Smc2.0 Firmware Versionv100r003c10

Huawei ≫ Smc2.0 Version-

Huawei ≫ Smc2.0 Firmware Versionv100r005c00

Huawei ≫ Smc2.0 Version-

Huawei ≫ Smc2.0 Firmware Versionv500r002c00

Huawei ≫ Smc2.0 Version-

Huawei ≫ Srg1300 Firmware Versionv200r005c32

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg1300 Firmware Versionv200r006c10

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg1300 Firmware Versionv200r007c00

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg1300 Firmware Versionv200r007c02

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg1300 Firmware Versionv200r008c20

Huawei ≫ Srg1300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r005c32

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r006c10

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r007c00

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r007c02

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg2300 Firmware Versionv200r008c20

Huawei ≫ Srg2300 Version-

Huawei ≫ Srg3300 Firmware Versionv200r005c32

Huawei ≫ Srg3300 Version-

Huawei ≫ Srg3300 Firmware Versionv200r006c10

Huawei ≫ Srg3300 Version-

Huawei ≫ Srg3300 Firmware Versionv200r007c00

Huawei ≫ Srg3300 Version-

Huawei ≫ Srg3300 Firmware Versionv200r008c20

Huawei ≫ Srg3300 Version-

Huawei ≫ Te30 Firmware Versionv100r001c10

Huawei ≫ Te30 Version-

Huawei ≫ Te60 Firmware Versionv100r003c00

Huawei ≫ Te60 Version-

Huawei ≫ Te60 Firmware Versionv500r002c00

Huawei ≫ Te60 Version-

Huawei ≫ Vp9660 Firmware Versionv200r001c02

Huawei ≫ Vp9660 Version-

Huawei ≫ Vp9660 Firmware Versionv200r001c30

Huawei ≫ Vp9660 Version-

Huawei ≫ Vp9660 Firmware Versionv500r002c00

Huawei ≫ Vp9660 Version-

Huawei ≫ Viewpoint 8660 Firmware Versionv100r008c02

Huawei ≫ Viewpoint 8660 Version-

Huawei ≫ Viewpoint 8660 Firmware Versionv100r008c03

Huawei ≫ Viewpoint 8660 Version-

Huawei ≫ Espace Iad Firmware Versionv300r002c01

Huawei ≫ Espace Iad Version-

Huawei ≫ Espace U1981 Firmware Versionv200r003c20

Huawei ≫ Espace U1981 Version-

Huawei ≫ Espace U1981 Firmware Versionv200r003c30

Huawei ≫ Espace U1981 Version-

Huawei ≫ Espace Usm Firmware Versionv100r001c01

Huawei ≫ Espace Usm Version-

Huawei ≫ Espace Usm Firmware Versionv300r001c00

Huawei ≫ Espace Usm Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.21%	0.436

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2017-17301

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-17301

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-17301

EUVD