4.9
CVE-2017-17303
- EPSS 0.09%
- Published 09.03.2018 17:29:01
- Last modified 21.11.2024 03:17:47
- Source psirt@huawei.com
- Teams watchlist Login
- Open Login
Huawei DP300 V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00B012; V500R002C00B013; V500R002C00B014; V500R002C00B017; V500R002C00B018; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC400; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; RP200 V500R002C00SPC200; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE30 V100R001C10SPC300; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700B010; V500R002C00SPC200; V500R002C00SPC500; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE40 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC900; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE50 V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPCb00; V600R006C00; V600R006C00SPC200; V600R006C00SPC300; TE60 V100R001C10; V100R001C10B001; V100R001C10B002; V100R001C10B010; V100R001C10B011; V100R001C10B012; V100R001C10B013; V100R001C10B014; V100R001C10B016; V100R001C10B017; V100R001C10B018; V100R001C10B019; V100R001C10SPC400; V100R001C10SPC500; V100R001C10SPC600; V100R001C10SPC700; V100R001C10SPC800B011; V100R001C10SPC900; V500R002C00; V500R002C00B010; V500R002C00B011; V500R002C00SPC100; V500R002C00SPC200; V500R002C00SPC300; V500R002C00SPC600; V500R002C00SPC700; V500R002C00SPC800; V500R002C00SPC900; V500R002C00SPCa00; V500R002C00SPCb00; V500R002C00SPCd00; V500R002C00SPCe00; V600R006C00; V600R006C00SPC100; V600R006C00SPC200; V600R006C00SPC300 use the CIDAM protocol, which contains sensitive information in the message when it is implemented. So these products has an information disclosure vulnerability. An authenticated remote attacker could track and get the message of a target system. Successful exploit could allow the attacker to get the information and cause the sensitive information disclosure.
Data is provided by the National Vulnerability Database (NVD)
Huawei ≫ Dp300 Firmware Versionv500r002c00
Huawei ≫ Dp300 Firmware Versionv500r002c00b010
Huawei ≫ Dp300 Firmware Versionv500r002c00b011
Huawei ≫ Dp300 Firmware Versionv500r002c00b012
Huawei ≫ Dp300 Firmware Versionv500r002c00b013
Huawei ≫ Dp300 Firmware Versionv500r002c00b014
Huawei ≫ Dp300 Firmware Versionv500r002c00b017
Huawei ≫ Dp300 Firmware Versionv500r002c00b018
Huawei ≫ Dp300 Firmware Versionv500r002c00spc100
Huawei ≫ Dp300 Firmware Versionv500r002c00spc200
Huawei ≫ Dp300 Firmware Versionv500r002c00spc300
Huawei ≫ Dp300 Firmware Versionv500r002c00spc400
Huawei ≫ Dp300 Firmware Versionv500r002c00spc500
Huawei ≫ Dp300 Firmware Versionv500r002c00spc600
Huawei ≫ Dp300 Firmware Versionv500r002c00spc800
Huawei ≫ Dp300 Firmware Versionv500r002c00spc900
Huawei ≫ Dp300 Firmware Versionv500r002c00spca00
Huawei ≫ Rp200 Firmware Versionv500r002c00spc200
Huawei ≫ Rp200 Firmware Versionv600r006c00
Huawei ≫ Rp200 Firmware Versionv600r006c00spc200
Huawei ≫ Rp200 Firmware Versionv600r006c00spc300
Huawei ≫ Te30 Firmware Versionv100r001c10spc300
Huawei ≫ Te30 Firmware Versionv100r001c10spc500
Huawei ≫ Te30 Firmware Versionv100r001c10spc600
Huawei ≫ Te30 Firmware Versionv100r001c10spc700b010
Huawei ≫ Te30 Firmware Versionv500r002c00spc200
Huawei ≫ Te30 Firmware Versionv500r002c00spc500
Huawei ≫ Te30 Firmware Versionv500r002c00spc600
Huawei ≫ Te30 Firmware Versionv500r002c00spc700
Huawei ≫ Te30 Firmware Versionv500r002c00spc900
Huawei ≫ Te30 Firmware Versionv500r002c00spcb00
Huawei ≫ Te30 Firmware Versionv600r006c00
Huawei ≫ Te30 Firmware Versionv600r006c00spc200
Huawei ≫ Te30 Firmware Versionv600r006c00spc300
Huawei ≫ Te40 Firmware Versionv500r002c00spc600
Huawei ≫ Te40 Firmware Versionv500r002c00spc700
Huawei ≫ Te40 Firmware Versionv500r002c00spc900
Huawei ≫ Te40 Firmware Versionv500r002c00spcb00
Huawei ≫ Te40 Firmware Versionv600r006c00
Huawei ≫ Te40 Firmware Versionv600r006c00spc200
Huawei ≫ Te40 Firmware Versionv600r006c00spc300
Huawei ≫ Te50 Firmware Versionv500r002c00spc600
Huawei ≫ Te50 Firmware Versionv500r002c00spc700
Huawei ≫ Te50 Firmware Versionv500r002c00spcb00
Huawei ≫ Te50 Firmware Versionv600r006c00
Huawei ≫ Te50 Firmware Versionv600r006c00spc200
Huawei ≫ Te50 Firmware Versionv600r006c00spc300
Huawei ≫ Te60 Firmware Versionv100r001c10
Huawei ≫ Te60 Firmware Versionv100r001c10b001
Huawei ≫ Te60 Firmware Versionv100r001c10b002
Huawei ≫ Te60 Firmware Versionv100r001c10b010
Huawei ≫ Te60 Firmware Versionv100r001c10b011
Huawei ≫ Te60 Firmware Versionv100r001c10b012
Huawei ≫ Te60 Firmware Versionv100r001c10b013
Huawei ≫ Te60 Firmware Versionv100r001c10b014
Huawei ≫ Te60 Firmware Versionv100r001c10b016
Huawei ≫ Te60 Firmware Versionv100r001c10b017
Huawei ≫ Te60 Firmware Versionv100r001c10b018
Huawei ≫ Te60 Firmware Versionv100r001c10b019
Huawei ≫ Te60 Firmware Versionv100r001c10spc400
Huawei ≫ Te60 Firmware Versionv100r001c10spc500
Huawei ≫ Te60 Firmware Versionv100r001c10spc600
Huawei ≫ Te60 Firmware Versionv100r001c10spc700
Huawei ≫ Te60 Firmware Versionv100r001c10spc800b011
Huawei ≫ Te60 Firmware Versionv100r001c10spc900
Huawei ≫ Te60 Firmware Versionv500r002c00
Huawei ≫ Te60 Firmware Versionv500r002c00b010
Huawei ≫ Te60 Firmware Versionv500r002c00b011
Huawei ≫ Te60 Firmware Versionv500r002c00spc100
Huawei ≫ Te60 Firmware Versionv500r002c00spc200
Huawei ≫ Te60 Firmware Versionv500r002c00spc300
Huawei ≫ Te60 Firmware Versionv500r002c00spc600
Huawei ≫ Te60 Firmware Versionv500r002c00spc700
Huawei ≫ Te60 Firmware Versionv500r002c00spc800
Huawei ≫ Te60 Firmware Versionv500r002c00spc900
Huawei ≫ Te60 Firmware Versionv500r002c00spca00
Huawei ≫ Te60 Firmware Versionv500r002c00spcb00
Huawei ≫ Te60 Firmware Versionv500r002c00spcd00
Huawei ≫ Te60 Firmware Versionv500r002c00spce00
Huawei ≫ Te60 Firmware Versionv600r006c00
Huawei ≫ Te60 Firmware Versionv600r006c00spc100
Huawei ≫ Te60 Firmware Versionv600r006c00spc200
Huawei ≫ Te60 Firmware Versionv600r006c00spc300
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.273 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.9 | 1.2 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.