ID CVE-2017-17137
Type cve
Reporter cve@mitre.org
Modified 2018-03-27T17:13:00
Description
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
{"id": "CVE-2017-17137", "bulletinFamily": "NVD", "title": "CVE-2017-17137", "description": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.", "published": "2018-03-05T19:29:00", "modified": "2018-03-27T17:13:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17137", "reporter": "cve@mitre.org", "references": ["http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"], "cvelist": ["CVE-2017-17137"], "type": "cve", "lastseen": "2021-02-02T06:36:40", "edition": 4, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "huawei", "idList": ["HUAWEI-SA-20171206-01-PEM"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310143979"]}], "modified": "2021-02-02T06:36:40", "rev": 2}, "score": {"value": 4.8, "vector": "NONE", "modified": "2021-02-02T06:36:40", "rev": 2}, "vulnersScore": 4.8}, "cpe": ["cpe:/o:huawei:rp200_firmware:v500r002c00", "cpe:/o:huawei:usg9500_firmware:v500r001c00", "cpe:/o:huawei:s9700_firmware:v200r009c00", "cpe:/o:huawei:s5700_firmware:v200r008c00", "cpe:/o:huawei:te40_firmware:v600r006c00", "cpe:/o:huawei:secospace_usg6300_firmware:v500r001c30", "cpe:/o:huawei:s7700_firmware:v200r010c00", "cpe:/o:huawei:ips_module_firmware:v500r001c30", "cpe:/o:huawei:s9700_firmware:v200r007c00", "cpe:/o:huawei:te60_firmware:v600r006c00", "cpe:/o:huawei:s9700_firmware:v200r010c00", "cpe:/o:huawei:te30_firmware:v100r001c10", "cpe:/o:huawei:s1700_firmware:v200r006c10", "cpe:/o:huawei:viewpoint_9030_firmware:v100r011c03", "cpe:/o:huawei:s12700_firmware:v200r007c00", "cpe:/o:huawei:tp3206_firmware:v100r002c10", "cpe:/o:huawei:nip6600_firmware:v500r001c30", "cpe:/o:huawei:secospace_usg6600_firmware:v500r001c00", "cpe:/o:huawei:dp300_firmware:v500r002c00", "cpe:/o:huawei:s2700_firmware:v200r006c10", "cpe:/o:huawei:usg9500_firmware:v500r001c30", "cpe:/o:huawei:s7700_firmware:v200r009c00", "cpe:/o:huawei:s12700_firmware:v200r007c01", "cpe:/o:huawei:s1700_firmware:v200r009c00", "cpe:/o:huawei:s6700_firmware:v200r009c00", "cpe:/o:huawei:s5700_firmware:v200r006c00", "cpe:/o:huawei:rp200_firmware:v600r006c00", "cpe:/o:huawei:nip6600_firmware:v500r001c00", "cpe:/o:huawei:s9700_firmware:v200r007c01", "cpe:/o:huawei:s7700_firmware:v200r008c00", "cpe:/o:huawei:s12700_firmware:v200r010c00", "cpe:/o:huawei:nip6300_firmware:v500r001c30", "cpe:/o:huawei:viewpoint_9030_firmware:v100r011c02", "cpe:/o:huawei:te40_firmware:v500r002c00", "cpe:/o:huawei:ngfw_module_firmware:v500r002c00", "cpe:/o:huawei:secospace_usg6300_firmware:v500r001c00", "cpe:/o:huawei:s7700_firmware:v200r007c00", "cpe:/o:huawei:s2700_firmware:v200r010c00", "cpe:/o:huawei:tp3106_firmware:v100r002c00", "cpe:/o:huawei:s2700_firmware:v200r009c00", "cpe:/o:huawei:te30_firmware:v100r001c02", "cpe:/o:huawei:te60_firmware:v100r001c10", "cpe:/o:huawei:s5700_firmware:v200r010c00", "cpe:/o:huawei:te60_firmware:v100r001c02", "cpe:/o:huawei:ips_module_firmware:v500r001c00", "cpe:/o:huawei:te50_firmware:v500r002c00", "cpe:/o:huawei:te60_firmware:v500r002c00", "cpe:/o:huawei:te30_firmware:v500r002c00", "cpe:/o:huawei:secospace_usg6500_firmware:v500r001c30", "cpe:/o:huawei:s1700_firmware:v200r010c00", "cpe:/o:huawei:secospace_usg6600_firmware:v500r001c30s", "cpe:/o:huawei:s6700_firmware:v200r010c00", "cpe:/o:huawei:te30_firmware:v600r006c00", "cpe:/o:huawei:s12700_firmware:v200r008c00", "cpe:/o:huawei:s9700_firmware:v200r008c00", "cpe:/o:huawei:ngfw_module_firmware:v500r001c00", "cpe:/o:huawei:secospace_usg6500_firmware:v500r001c00", "cpe:/o:huawei:s5700_firmware:v200r009c00", "cpe:/o:huawei:s6700_firmware:v200r008c00", "cpe:/o:huawei:s5700_firmware:v200r007c00", "cpe:/o:huawei:nip6300_firmware:v500r001c00", "cpe:/o:huawei:s2700_firmware:v200r008c00", "cpe:/o:huawei:s2700_firmware:v200r007c00", "cpe:/o:huawei:s12700_firmware:v200r009c00", "cpe:/o:huawei:te50_firmware:v600r006c00", "cpe:/o:huawei:tp3206_firmware:v100r002c00"], "affectedSoftware": [{"cpeName": "huawei:te30_firmware", "name": "huawei te30 firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:nip6600_firmware", "name": "huawei nip6600 firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:te40_firmware", "name": "huawei te40 firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:te50_firmware", "name": "huawei te50 firmware", "operator": "eq", "version": "v600r006c00"}, {"cpeName": "huawei:s2700_firmware", "name": "huawei s2700 firmware", "operator": "eq", "version": "v200r008c00"}, {"cpeName": "huawei:te60_firmware", "name": "huawei te60 firmware", "operator": "eq", "version": "v100r001c02"}, {"cpeName": "huawei:usg9500_firmware", "name": "huawei usg9500 firmware", "operator": "eq", "version": "v500r001c30"}, {"cpeName": "huawei:s12700_firmware", "name": "huawei s12700 firmware", "operator": "eq", "version": "v200r008c00"}, {"cpeName": "huawei:s12700_firmware", "name": "huawei s12700 firmware", "operator": "eq", "version": "v200r007c01"}, {"cpeName": "huawei:tp3206_firmware", "name": "huawei tp3206 firmware", "operator": "eq", "version": "v100r002c10"}, {"cpeName": "huawei:s6700_firmware", "name": "huawei s6700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:secospace_usg6600_firmware", "name": "huawei secospace usg6600 firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:rp200_firmware", "name": "huawei rp200 firmware", "operator": "eq", "version": "v600r006c00"}, {"cpeName": "huawei:s12700_firmware", "name": "huawei s12700 firmware", "operator": "eq", "version": "v200r007c00"}, {"cpeName": "huawei:te30_firmware", "name": "huawei te30 firmware", "operator": "eq", "version": "v600r006c00"}, {"cpeName": "huawei:s5700_firmware", "name": "huawei s5700 firmware", "operator": "eq", "version": "v200r007c00"}, {"cpeName": "huawei:s7700_firmware", "name": "huawei s7700 firmware", "operator": "eq", "version": "v200r007c00"}, {"cpeName": "huawei:ngfw_module_firmware", "name": "huawei ngfw module firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:ips_module_firmware", "name": "huawei ips module firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:s9700_firmware", "name": "huawei s9700 firmware", "operator": "eq", "version": "v200r007c00"}, {"cpeName": "huawei:secospace_usg6300_firmware", "name": "huawei secospace usg6300 firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:te60_firmware", "name": "huawei te60 firmware", "operator": "eq", "version": "v100r001c10"}, {"cpeName": "huawei:s12700_firmware", "name": "huawei s12700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:secospace_usg6500_firmware", "name": "huawei secospace usg6500 firmware", "operator": "eq", "version": "v500r001c30"}, {"cpeName": "huawei:s7700_firmware", "name": "huawei s7700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:s9700_firmware", "name": "huawei s9700 firmware", "operator": "eq", "version": "v200r008c00"}, {"cpeName": "huawei:s1700_firmware", "name": "huawei s1700 firmware", "operator": "eq", "version": "v200r006c10"}, {"cpeName": "huawei:nip6300_firmware", "name": "huawei nip6300 firmware", "operator": "eq", "version": "v500r001c30"}, {"cpeName": "huawei:te40_firmware", "name": "huawei te40 firmware", "operator": "eq", "version": "v600r006c00"}, {"cpeName": "huawei:s2700_firmware", "name": "huawei s2700 firmware", "operator": "eq", "version": "v200r006c10"}, {"cpeName": "huawei:usg9500_firmware", "name": "huawei usg9500 firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:te30_firmware", "name": "huawei te30 firmware", "operator": "eq", "version": "v100r001c10"}, {"cpeName": "huawei:viewpoint_9030_firmware", "name": "huawei viewpoint 9030 firmware", "operator": "eq", "version": "v100r011c03"}, {"cpeName": "huawei:s6700_firmware", "name": "huawei s6700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:nip6300_firmware", "name": "huawei nip6300 firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:s9700_firmware", "name": "huawei s9700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:s7700_firmware", "name": "huawei s7700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:ips_module_firmware", "name": "huawei ips module firmware", "operator": "eq", "version": "v500r001c30"}, {"cpeName": "huawei:secospace_usg6300_firmware", "name": "huawei secospace usg6300 firmware", "operator": "eq", "version": "v500r001c30"}, {"cpeName": "huawei:s9700_firmware", "name": "huawei s9700 firmware", "operator": "eq", "version": "v200r007c01"}, {"cpeName": "huawei:viewpoint_9030_firmware", "name": "huawei viewpoint 9030 firmware", "operator": "eq", "version": "v100r011c02"}, {"cpeName": "huawei:s5700_firmware", "name": "huawei s5700 firmware", "operator": "eq", "version": "v200r006c00"}, {"cpeName": "huawei:tp3206_firmware", "name": "huawei tp3206 firmware", "operator": "eq", "version": "v100r002c00"}, {"cpeName": "huawei:nip6600_firmware", "name": "huawei nip6600 firmware", "operator": "eq", "version": "v500r001c30"}, {"cpeName": "huawei:dp300_firmware", "name": "huawei dp300 firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:te50_firmware", "name": "huawei te50 firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:s6700_firmware", "name": "huawei s6700 firmware", "operator": "eq", "version": "v200r008c00"}, {"cpeName": "huawei:s5700_firmware", "name": "huawei s5700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:s5700_firmware", "name": "huawei s5700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:te30_firmware", "name": "huawei te30 firmware", "operator": "eq", "version": "v100r001c02"}, {"cpeName": "huawei:s5700_firmware", "name": "huawei s5700 firmware", "operator": "eq", "version": "v200r008c00"}, {"cpeName": "huawei:s12700_firmware", "name": "huawei s12700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:ngfw_module_firmware", "name": "huawei ngfw module firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:secospace_usg6500_firmware", "name": "huawei secospace usg6500 firmware", "operator": "eq", "version": "v500r001c00"}, {"cpeName": "huawei:s2700_firmware", "name": "huawei s2700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:s7700_firmware", "name": "huawei s7700 firmware", "operator": "eq", "version": "v200r008c00"}, {"cpeName": "huawei:s1700_firmware", "name": "huawei s1700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:secospace_usg6600_firmware", "name": "huawei secospace usg6600 firmware", "operator": "eq", "version": "v500r001c30s"}, {"cpeName": "huawei:rp200_firmware", "name": "huawei rp200 firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:te60_firmware", "name": "huawei te60 firmware", "operator": "eq", "version": "v500r002c00"}, {"cpeName": "huawei:te60_firmware", "name": "huawei te60 firmware", "operator": "eq", "version": "v600r006c00"}, {"cpeName": "huawei:s2700_firmware", "name": "huawei s2700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:s1700_firmware", "name": "huawei s1700 firmware", "operator": "eq", "version": "v200r009c00"}, {"cpeName": "huawei:s9700_firmware", "name": "huawei s9700 firmware", "operator": "eq", "version": "v200r010c00"}, {"cpeName": "huawei:tp3106_firmware", "name": "huawei tp3106 firmware", "operator": "eq", "version": "v100r002c00"}, {"cpeName": "huawei:s2700_firmware", "name": "huawei s2700 firmware", "operator": "eq", "version": "v200r007c00"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 3.6}, "cpe23": ["cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30s:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te60_firmware:v100r001c02:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*", "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*"], "cwe": ["CWE-125", "CWE-787"], "scheme": null, "affectedConfiguration": [{"cpeName": "huawei:secospace_usg6500", "name": "huawei secospace usg6500", "operator": "eq", "version": "-"}, {"cpeName": "huawei:nip6600", "name": "huawei nip6600", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s6700", "name": "huawei s6700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:te40", "name": "huawei te40", "operator": "eq", "version": "-"}, {"cpeName": "huawei:te50", "name": "huawei te50", "operator": "eq", "version": "-"}, {"cpeName": "huawei:secospace_usg6300", "name": "huawei secospace usg6300", "operator": "eq", "version": "-"}, {"cpeName": "huawei:ngfw_module", "name": "huawei ngfw module", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s2700", "name": "huawei s2700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s9700", "name": "huawei s9700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:viewpoint_9030", "name": "huawei viewpoint 9030", "operator": "eq", "version": "-"}, {"cpeName": "huawei:dp300", "name": "huawei dp300", "operator": "eq", "version": "-"}, {"cpeName": "huawei:ips_module", "name": "huawei ips module", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s7700", "name": "huawei s7700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:tp3106", "name": "huawei tp3106", "operator": "eq", "version": "-"}, {"cpeName": "huawei:tp3206", "name": "huawei tp3206", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s1700", "name": "huawei s1700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:te30", "name": "huawei te30", "operator": "eq", "version": "-"}, {"cpeName": "huawei:rp200", "name": "huawei rp200", "operator": "eq", "version": "-"}, {"cpeName": "huawei:te60", "name": "huawei te60", "operator": "eq", "version": "-"}, {"cpeName": "huawei:secospace_usg6600", "name": "huawei secospace usg6600", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s12700", "name": "huawei s12700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:s5700", "name": "huawei s5700", "operator": "eq", "version": "-"}, {"cpeName": "huawei:usg9500", "name": "huawei usg9500", "operator": "eq", "version": "-"}, {"cpeName": "huawei:nip6300", "name": "huawei nip6300", "operator": "eq", "version": "-"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s1700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s1700_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s1700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s1700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s7700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s7700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:nip6600_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:nip6600:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6500_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6500:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c10:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:usg9500_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:te40:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:te40_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te40_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:te60:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:te60_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te60_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te60_firmware:v100r001c02:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te60_firmware:v100r001c10:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:te30_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te30_firmware:v100r001c02:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te30_firmware:v100r001c10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te30_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:te30:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s9700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r007c01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s9700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s12700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r007c01:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s12700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s6700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:s2700_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:s2700_firmware:v200r010c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:ngfw_module:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:ngfw_module_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:tp3106_firmware:v100r002c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:tp3106:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6300_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:secospace_usg6600_firmware:v500r001c30s:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:te50:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:te50_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:te50_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:rp200_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:rp200_firmware:v600r006c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:rp200:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}], "operator": "AND"}, {"children": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*", "vulnerable": false}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}], "operator": "AND"}]}, "extraReferences": [{"name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"}]}
{"huawei": [{"lastseen": "2019-02-01T18:02:00", "bulletinFamily": "software", "cvelist": ["CVE-2017-17138", "CVE-2017-17135", "CVE-2017-17137", "CVE-2017-17136"], "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "edition": 1, "modified": "2018-04-18T00:00:00", "published": "2017-12-06T00:00:00", "id": "HUAWEI-SA-20171206-01-PEM", "href": "https://www.huawei.com/en/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-en", "title": "Security Advisory - Multiple Vulnerabilities of PEM Module in Some Huawei Products", "type": "huawei", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2020-07-21T20:01:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-17138", "CVE-2017-17135", "CVE-2017-17137", "CVE-2017-17136"], "description": "There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification.", "modified": "2020-07-01T00:00:00", "published": "2020-05-26T00:00:00", "id": "OPENVAS:1361412562310143979", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143979", "type": "openvas", "title": "Huawei Data Communication: Multiple Vulnerabilities of PEM Module in Some Huawei Products (huawei-sa-20171206-01-pem)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143979\");\n script_version(\"2020-07-01T10:13:00+0000\");\n script_tag(name:\"last_modification\", value:\"2020-07-01 10:13:00 +0000 (Wed, 01 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-26 08:06:13 +0000 (Tue, 26 May 2020)\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2017-17135\", \"CVE-2017-17136\", \"CVE-2017-17137\", \"CVE-2017-17138\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Huawei Data Communication: Multiple Vulnerabilities of PEM Module in Some Huawei Products (huawei-sa-20171206-01-pem)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei\");\n script_dependencies(\"gb_huawei_vrp_network_device_consolidation.nasl\");\n script_mandatory_keys(\"huawei/vrp/detected\");\n\n script_tag(name:\"summary\", value:\"There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification.\");\n\n script_tag(name:\"insight\", value:\"There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker calls PEM decoder with special parameter, which could cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06047)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17135.There is a heap overflow vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06048)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17136.There is an Out-of-Bounds memory access vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06049)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17137.There is a DoS vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing into deadloop by a malicious certificate.The attacker can exploit this vulnerability to cause a denial of service. (Vulnerability ID: HWPSIRT-2017-06050)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17138.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references.\");\n\n script_tag(name:\"impact\", value:\"The attacker can exploit these vulnerabilities to cause a denial of service.\");\n\n script_tag(name:\"affected\", value:\"DBS3900 TDD LTE versions V100R003C00 V100R004C10\n\n DP300 versions V500R002C00\n\n IPS Module versions V500R001C00 V500R001C30SPC100\n\n NGFW Module versions V500R001C00 V500R002C00SPC100\n\n NIP6300 versions V500R001C00 V500R001C30SPC100\n\n NIP6600 versions V500R001C00 V500R001C30SPC100\n\n RP200 versions V500R002C00SPC200 V600R006C00\n\n S12700 versions V200R007C00 V200R007C01 V200R008C00 V200R009C00 V200R010C00\n\n S1700 versions V200R006C10SPC100 V200R009C00SPC200 V200R010C00\n\n S2700 versions V200R006C10 V200R007C00 V200R008C00 V200R009C00 V200R010C00\n\n S5700 versions V200R006C00SPC100 V200R007C00 V200R008C00 V200R009C00 V200R010C00\n\n S6700 versions V200R008C00 V200R009C00 V200R010C00\n\n S7700 versions V200R007C00 V200R008C00 V200R009C00 V200R010C00\n\n S9700 versions V200R007C00 V200R007C01 V200R008C00 V200R009C00 V200R010C00\n\n Secospace USG6300 versions V500R001C00 V500R001C30SPC100\n\n Secospace USG6500 versions V500R001C00 V500R001C30SPC100\n\n Secospace USG6600 versions V500R001C00 V500R001C30SPC100\n\n TE30 versions V100R001C02SPC100 V100R001C10 V500R002C00SPC200 V600R006C00\n\n TE40 versions V500R002C00SPC600 V600R006C00\n\n TE50 versions V500R002C00SPC600 V600R006C00\n\n TE60 versions V100R001C01SPC100 V100R001C10 V500R002C00 V600R006C00\n\n TP3106 versions V100R002C00\n\n TP3206 versions V100R002C00 V100R002C10\n\n USG9500 versions V500R001C00 V500R001C30SPC100\n\n ViewPoint 9030 versions V100R011C02SPC100 V100R011C03SPC100\");\n\n script_tag(name:\"solution\", value:\"TE40 Resolved Product and Version: TEX0 V600R006C00SPC400\n\n Secospace USG6600 Resolved Product and Version: V500R001C60SPC200\n\n USG9500 Resolved Product and Version: V500R002C20SPC200\n\n DBS3900 TDD LTE Resolved Product and Version: V100R004C10SPC500\n\n ViewPoint 9030 Resolved Product and Version: V100R011C03SPC800\n\n NGFW Module Resolved Product and Version: V500R001C60SPC200\n\n S9700 Resolved Product and Version: V200R011C10\n\n TP3106 Resolved Product and Version: TP3206 V100R002C00SPC800\n\n Secospace USG6300 Resolved Product and Version: V500R001C60SPC200\n\n S7700 Resolved Product and Version: V200R011C10\n\n TE50 Resolved Product and Version: TEX0 V600R006C00SPC400\n\n NIP6300 Resolved Product and Version: V500R001C60SPC200\n\n RP200 Resolved Product and Version: TEX0 V600R006C00SPC400\n\n S12700 Resolved Product and Version: V200R011C10\n\n S1700 Resolved Product and Version: V200R011C10\n\n TE60 Resolved Product and Version: TEX0 V600R006C00SPC400\n\n S6700 Resolved Product and Version: V200R011C10\n\n TP3206 Resolved Product and Version: V100R002C00SPC800\n\n DP300 Resolved Product and Version: V500R002C00SPCb00\n\n S2700 Resolved Product and Version: V200R011C10\n\n S5700 Resolved Product and Version: V200R011C10\n\n NIP6600 Resolved Product and Version: V500R001C60SPC200\n\n IPS Module Resolved Product and Version: V500R001C60SPC200\n\n Secospace USG6500 Resolved Product and Version: V500R001C60SPC200\n\n TE30 Resolved Product and Version: TEX0 V600R006C00SPC400\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\ncpe_list = make_list(\"cpe:/o:huawei:dbs3900_tdd_lte_firmware\",\n \"cpe:/o:huawei:dp300_firmware\",\n \"cpe:/o:huawei:ips_module_firmware\",\n \"cpe:/o:huawei:ngfw_module_firmware\",\n \"cpe:/o:huawei:nip6300_firmware\",\n \"cpe:/o:huawei:nip6600_firmware\",\n \"cpe:/o:huawei:rp200_firmware\",\n \"cpe:/o:huawei:s12700_firmware\",\n \"cpe:/o:huawei:s1700_firmware\",\n \"cpe:/o:huawei:s2700_firmware\",\n \"cpe:/o:huawei:s5700_firmware\",\n \"cpe:/o:huawei:s6700_firmware\",\n \"cpe:/o:huawei:s7700_firmware\",\n \"cpe:/o:huawei:s9700_firmware\",\n \"cpe:/o:huawei:usg6300_firmware\",\n \"cpe:/o:huawei:usg6500_firmware\",\n \"cpe:/o:huawei:usg6600_firmware\",\n \"cpe:/o:huawei:te30_firmware\",\n \"cpe:/o:huawei:te40_firmware\",\n \"cpe:/o:huawei:te50_firmware\",\n \"cpe:/o:huawei:te60_firmware\",\n \"cpe:/o:huawei:tp3106_firmware\",\n \"cpe:/o:huawei:tp3206_firmware\",\n \"cpe:/o:huawei:usg9500_firmware\",\n \"cpe:/o:huawei:viewpoint_9030_firmware\");\n\nif (!infos = get_app_version_from_list(cpe_list: cpe_list, nofork: TRUE))\n exit(0);\n\ncpe = infos[\"cpe\"];\nversion = toupper(infos[\"version\"]);\npatch = get_kb_item(\"huawei/vrp/patch\");\n\nif (cpe == \"cpe:/o:huawei:dbs3900_tdd_lte_firmware\") {\n if(version == \"V100R003C00\" || version == \"V100R004C10\") {\n if (!patch || version_is_less(version: patch, test_version: \"V100R004C10SPC500\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V100R004C10SPC500\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:dp300_firmware\") {\n if(version == \"V500R002C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R002C00SPCb00\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R002C00SPCb00\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:ips_module_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:ngfw_module_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R002C00SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:nip6300_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:nip6600_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:rp200_firmware\") {\n if(version == \"V500R002C00SPC200\" || version == \"V600R006C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V600R006C00SPC400\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V600R006C00SPC400\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s12700_firmware\") {\n if(version == \"V200R007C00\" || version == \"V200R007C01\" || version == \"V200R008C00\" || version == \"V200R009C00\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s1700_firmware\") {\n if(version == \"V200R006C10SPC100\" || version == \"V200R009C00SPC200\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s2700_firmware\") {\n if(version == \"V200R006C10\" || version == \"V200R007C00\" || version == \"V200R008C00\" || version == \"V200R009C00\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s5700_firmware\") {\n if(version == \"V200R006C00SPC100\" || version == \"V200R007C00\" || version == \"V200R008C00\" || version == \"V200R009C00\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s6700_firmware\") {\n if(version == \"V200R008C00\" || version == \"V200R009C00\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s7700_firmware\") {\n if(version == \"V200R007C00\" || version == \"V200R008C00\" || version == \"V200R009C00\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:s9700_firmware\") {\n if(version == \"V200R007C00\" || version == \"V200R007C01\" || version == \"V200R008C00\" || version == \"V200R009C00\" || version == \"V200R010C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V200R011C10\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V200R011C10\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:usg6300_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:usg6500_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:usg6600_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R001C60SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R001C60SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:te30_firmware\") {\n if(version == \"V100R001C02SPC100\" || version == \"V100R001C10\" || version == \"V500R002C00SPC200\" || version == \"V600R006C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V600R006C00SPC400\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V600R006C00SPC400\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:te40_firmware\") {\n if(version == \"V500R002C00SPC600\" || version == \"V600R006C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V600R006C00SPC400\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V600R006C00SPC400\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:te50_firmware\") {\n if(version == \"V500R002C00SPC600\" || version == \"V600R006C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V600R006C00SPC400\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V600R006C00SPC400\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:te60_firmware\") {\n if(version == \"V100R001C01SPC100\" || version == \"V100R001C10\" || version == \"V500R002C00\" || version == \"V600R006C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V600R006C00SPC400\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V600R006C00SPC400\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:tp3106_firmware\") {\n if(version == \"V100R002C00\") {\n if (!patch || version_is_less(version: patch, test_version: \"V100R002C00SPC800\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V100R002C00SPC800\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:tp3206_firmware\") {\n if(version == \"V100R002C00\" || version == \"V100R002C10\") {\n if (!patch || version_is_less(version: patch, test_version: \"V100R002C00SPC800\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V100R002C00SPC800\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:usg9500_firmware\") {\n if(version == \"V500R001C00\" || version == \"V500R001C30SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V500R002C20SPC200\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V500R002C20SPC200\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\nelse if (cpe == \"cpe:/o:huawei:viewpoint_9030_firmware\") {\n if(version == \"V100R011C02SPC100\" || version == \"V100R011C03SPC100\") {\n if (!patch || version_is_less(version: patch, test_version: \"V100R011C03SPC800\")) {\n report = report_fixed_ver(installed_version: version, installed_patch: patch, fixed_version: \"V100R011C03SPC800\");\n security_message(port: 0, data: report);\n exit(0);\n }\n }\n}\n\nexit(99);\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}}]}
