Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20171213-01-IPV6
HistoryDec 13, 2017 - 12:00 a.m.

Security Advisory - IPv6 Out-of-bounds Read Vulnerability in Huawei Products

2017-12-1300:00:00
Huawei Technologies
www.huawei.com
12

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

44.8%

JSON

IPv6 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset.(Vulnerability ID: HWPSIRT-2016-08018)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2017-17165.

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ipv6-en

IPv6 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause some board to reset.

IPv6 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause some board to reset.

IPv6 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause some board to reset.

Affected configurations

Vulners
Node
huaweiquidway_s2700MatchV200R003C00SPC300
OR
huaweiquidway_s5300MatchV200R003C00SPC300
OR
huaweiquidway_s5700MatchV200R003C00SPC300
OR
huaweis2300MatchV200R003C00
OR
huaweis2300MatchV200R003C00SPC300T
OR
huaweis2300MatchV200R005C00
OR
huaweis2300MatchV200R006C00
OR
huaweis2300MatchV200R007C00
OR
huaweis2300MatchV200R008C00
OR
huaweis2300MatchV200R009C00
OR
huaweis2700MatchV200R005C00
OR
huaweis2700MatchV200R006C00
OR
huaweis2700MatchV200R007C00
OR
huaweis2700MatchV200R008C00
OR
huaweis2700MatchV200R009C00
OR
huaweis5300MatchV200R003C00
OR
huaweis5300MatchV200R003C00SPC300T
OR
huaweis5300MatchV200R003C00SPC600
OR
huaweis5300MatchV200R003C02
OR
huaweis5300MatchV200R005C00
OR
huaweis5300MatchV200R005C01
OR
huaweis5300MatchV200R005C02
OR
huaweis5300MatchV200R005C03
OR
huaweis5300MatchV200R005C05
OR
huaweis5300MatchV200R006C00
OR
huaweis5300MatchV200R007C00
OR
huaweis5300MatchV200R008C00
OR
huaweis5300MatchV200R009C00
OR
huaweis5700MatchV200R003C00
OR
huaweis5700MatchV200R003C00SPC316T
OR
huaweis5700MatchV200R003C00SPC600
OR
huaweis5700MatchV200R003C02
OR
huaweis5700MatchV200R005C00
OR
huaweis5700MatchV200R005C01
OR
huaweis5700MatchV200R005C02
OR
huaweis5700MatchV200R005C03
OR
huaweis5700MatchV200R006C00
OR
huaweis5700MatchV200R007C00
OR
huaweis5700MatchV200R008C00
OR
huaweis5700MatchV200R009C00
OR
huaweis600-eMatchV200R008C00
OR
huaweis600-eMatchV200R009C00
OR
huaweis6300MatchV200R003C00
OR
huaweis6300MatchV200R005C00
OR
huaweis6300MatchV200R007C00
OR
huaweis6300MatchV200R008C00
OR
huaweis6300MatchV200R009C00
OR
huaweis6700MatchV200R003C00
OR
huaweis6700MatchV200R005C00
OR
huaweis6700MatchV200R005C01
OR
huaweis6700MatchV200R005C02
OR
huaweis6700MatchV200R007C00
OR
huaweis6700MatchV200R008C00
OR
huaweis6700MatchV200R009C00

Related

cve 1
cvelist 1
nvd 1
openvas 1
prion 1
cve
cve
CVE-2017-17165
2018-02-15 16:29:02
cvelist
cvelist
CVE-2017-17165
2018-02-15 16:00:00
nvd
nvd
CVE-2017-17165
2018-02-15 16:29:02
openvas
openvas
Huawei Data Communication: IPv6 Memory Overflow Vulnerability in Huawei Products (huawei-sa-20171213-01-ipv6)
2020-05-27 00:00:00
prion
prion
Out-of-bounds
2018-02-15 16:29:00

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

44.8%

JSON
Related for HUAWEI-SA-20171213-01-IPV6
cve1cvelist1nvd1openvas1prion1