Lucene search

[email protected]NVD:CVE-2017-17138

HistoryMar 05, 2018 - 7:29 p.m.

CVE-2017-17138

2018-03-0519:29:00

CWE-20

[email protected]

web.nvd.nist.gov

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a DoS vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing into deadloop by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.

Affected configurations

NVD

Node

huaweidp300_firmwareMatchv500r002c00

AND

huaweidp300Match-

Node

huaweiips_module_firmwareMatchv500r001c00

huaweiips_module_firmwareMatchv500r001c30

AND

huaweiips_moduleMatch-

Node

huaweingfw_module_firmwareMatchv500r001c00

huaweingfw_module_firmwareMatchv500r002c00

AND

huaweingfw_moduleMatch-

Node

huaweinip6300_firmwareMatchv500r001c00

huaweinip6300_firmwareMatchv500r001c30

AND

huaweinip6300Match-

Node

huaweinip6600_firmwareMatchv500r001c00

huaweinip6600_firmwareMatchv500r001c30

AND

huaweinip6600Match-

Node

huaweirp200_firmwareMatchv500r002c00

huaweirp200_firmwareMatchv600r006c00

AND

huaweirp200Match-

Node

huaweis12700_firmwareMatchv200r007c00

huaweis12700_firmwareMatchv200r007c01

huaweis12700_firmwareMatchv200r008c00

huaweis12700_firmwareMatchv200r009c00

huaweis12700_firmwareMatchv200r010c00

AND

huaweis12700Match-

Node

huaweis1700_firmwareMatchv200r006c10

huaweis1700_firmwareMatchv200r009c00

huaweis1700_firmwareMatchv200r010c00

AND

huaweis1700Match-

Node

huaweis2700_firmwareMatchv200r006c10

huaweis2700_firmwareMatchv200r007c00

huaweis2700_firmwareMatchv200r008c00

huaweis2700_firmwareMatchv200r009c00

huaweis2700_firmwareMatchv200r010c00

AND

huaweis2700Match-

Node

huaweis5700_firmwareMatchv200r006c00

huaweis5700_firmwareMatchv200r007c00

huaweis5700_firmwareMatchv200r008c00

huaweis5700_firmwareMatchv200r009c00

huaweis5700_firmwareMatchv200r010c00

AND

huaweis5700Match-

Node

huaweis6700_firmwareMatchv200r008c00

huaweis6700_firmwareMatchv200r009c00

huaweis6700_firmwareMatchv200r010c00

AND

huaweis6700Match-

Node

huaweis7700_firmwareMatchv200r007c00

huaweis7700_firmwareMatchv200r008c00

huaweis7700_firmwareMatchv200r009c00

huaweis7700_firmwareMatchv200r010c00

AND

huaweis7700Match-

Node

huaweis9700_firmwareMatchv200r007c00

huaweis9700_firmwareMatchv200r007c01

huaweis9700_firmwareMatchv200r008c00

huaweis9700_firmwareMatchv200r009c00

huaweis9700_firmwareMatchv200r010c00

AND

huaweis9700Match-

Node

huaweisecospace_usg6300_firmwareMatchv500r001c00

huaweisecospace_usg6300_firmwareMatchv500r001c30

AND

huaweisecospace_usg6300Match-

Node

huaweisecospace_usg6500_firmwareMatchv500r001c00

huaweisecospace_usg6500_firmwareMatchv500r001c30

AND

huaweisecospace_usg6500Match-

Node

huaweisecospace_usg6600_firmwareMatchv500r001c00

huaweisecospace_usg6600_firmwareMatchv500r001c30s

AND

huaweisecospace_usg6600Match-

Node

huaweite30_firmwareMatchv100r001c02

huaweite30_firmwareMatchv100r001c10

huaweite30_firmwareMatchv500r002c00

huaweite30_firmwareMatchv600r006c00

AND

huaweite30Match-

Node

huaweite40_firmwareMatchv500r002c00

huaweite40_firmwareMatchv600r006c00

AND

huaweite40Match-

Node

huaweite50_firmwareMatchv500r002c00

huaweite50_firmwareMatchv600r006c00

AND

huaweite50Match-

Node

huaweite60_firmwareMatchv100r001c02

huaweite60_firmwareMatchv100r001c10

huaweite60_firmwareMatchv500r002c00

huaweite60_firmwareMatchv600r006c00

AND

huaweite60Match-

Node

huaweitp3106_firmwareMatchv100r002c00

AND

huaweitp3106Match-

Node

huaweitp3206_firmwareMatchv100r002c00

huaweitp3206_firmwareMatchv100r002c10

AND

huaweitp3206Match-

Node

huaweiusg9500_firmwareMatchv500r001c00

huaweiusg9500_firmwareMatchv500r001c30

AND

huaweiusg9500Match-

Node

huaweiviewpoint_9030_firmwareMatchv100r011c02

huaweiviewpoint_9030_firmwareMatchv100r011c03

AND

huaweiviewpoint_9030Match-

References

www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2017-17138

cvelist1 cve1 prion1 openvas1 huawei1