Lucene search
K

22 matches found

OpenVAS
OpenVAS
added 2020/06/09 12:0 a.m.65 views

Huawei Products Improper Authentication Vulnerability (huawei-sa-20200506-02-authentication)

Multiple Huawei products are prone to an improper authentication vulnerability. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program...

9.8CVSS9.8AI score0.00876EPSS
Exploits0References1
NVD
NVD
added 2020/06/08 2:15 p.m.24 views

CVE-2020-9099

Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10;...

9.8CVSS9.7AI score0.00876EPSS
Exploits0References1
Prion
Prion
added 2020/06/08 2:15 p.m.23 views

Authentication flaw

Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10;...

7.5CVSS9.5AI score0.00876EPSS
Exploits0References1Affected Software9
Cvelist
Cvelist
added 2020/06/08 1:55 p.m.26 views

CVE-2020-9099

Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG6500; Secospace USG6600; USG9500 with versions of V500R001C00; V500R001C20; V500R001C30; V500R001C50; V500R001C60; V500R001C80; V500R005C00; V500R005C10; V500R005C20; V500R002C00; V500R002C10;...

9.7AI score0.00876EPSS
Exploits0References1
OSV
OSV
added 2018/04/24 3:29 p.m.5 views

CVE-2017-17253

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20,...

7.5CVSS5.8AI score0.01242EPSS
Exploits0References1
NVD
NVD
added 2018/03/09 5:29 p.m.19 views

CVE-2017-17330

Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; V200R007C01; V200R007C02; V200R008C00; V200R008C10; V200R008C20; V200R008C30; NGFW Module V500R001C00; V500R001C20; V500R002C00 have a memory leak vulnerability. The software does not release allocated memory properly when parse XM...

3.3CVSS3.8AI score0.00222EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/03/09 5:0 p.m.23 views

CVE-2017-17330

Huawei AR3200 V200R005C32; V200R006C10; V200R006C11; V200R007C00; V200R007C01; V200R007C02; V200R008C00; V200R008C10; V200R008C20; V200R008C30; NGFW Module V500R001C00; V500R001C20; V500R002C00 have a memory leak vulnerability. The software does not release allocated memory properly when parse XM...

3.8AI score0.00222EPSS
Exploits0References1
CVE
CVE
added 2018/03/09 5:0 p.m.64 views

CVE-2017-17330

The CVE-2017-17330 entry concerns a memory-leak vulnerability in Huawei AR3200 and NGFW Module devices. The flaw is triggered when parsing XML element data, where allocated memory is not properly released, potentially causing a service to run out of memory after an attacker uploads a crafted XML ...

3.3CVSS4AI score0.00222EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/02/15 4:29 p.m.23 views

CVE-2017-17166

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a...

5.3CVSS5.3AI score0.01285EPSS
Exploits0References1
NVD
NVD
added 2018/02/15 4:29 p.m.27 views

CVE-2017-17157

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

7.5CVSS7.4AI score0.00925EPSS
Exploits0References1
NVD
NVD
added 2018/02/15 4:29 p.m.21 views

CVE-2017-17156

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

7.5CVSS7.4AI score0.00925EPSS
Exploits0References1
NVD
NVD
added 2018/02/15 4:29 p.m.23 views

CVE-2017-15348

Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attack...

7.8CVSS7.5AI score0.01339EPSS
Exploits0References1
Prion
Prion
added 2018/02/15 4:29 p.m.18 views

Design/Logic Flaw

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

4.3CVSS6.2AI score0.00781EPSS
Exploits0References1Affected Software8
Prion
Prion
added 2018/02/15 4:29 p.m.20 views

Input validation

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

5CVSS7.3AI score0.00925EPSS
Exploits0References1Affected Software8
Cvelist
Cvelist
added 2018/02/15 4:0 p.m.25 views

CVE-2017-17156

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE,...

7.4AI score0.00925EPSS
Exploits0References1
CVE
CVE
added 2018/02/15 4:0 p.m.57 views

CVE-2017-15348

The CVE-2017-15348 entry applies to Huawei Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300/USG6500/USG6600, and USG9500 devices. The root cause is insufficient input validation in MPLS Echo Request handling, which can be triggere...

7.8CVSS7.5AI score0.01339EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/02/15 4:0 p.m.58 views

CVE-2017-17155

The CVE-2017-17155 entry concerns an out-of-bounds memory access in IKEv2 implementations across Huawei devices (IPS Module, NGFW, NIP6300/6600, Secospace USG/USG6500/USG6600, etc.). The root cause is improper handling of a 4-byte alignment on MIPS architectures, allowing an attacker to access me...

7.5CVSS7.3AI score0.00925EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/15 4:0 p.m.27 views

CVE-2017-15348

Huawei IPS Module V500R001C00, NGFW Module V500R001C00, NIP6300 V500R001C00, NIP6600 V500R001C00, Secospace USG6300 V500R001C00, Secospace USG6500 V500R001C00, Secospace USG6600 V500R001C00, USG9500 V500R001C00 have an insufficient input validation vulnerability. An unauthenticated, remote attack...

7.5AI score0.01339EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/02/15 4:0 p.m.26 views

CVE-2017-17166

Huawei DP300 V500R002C00, Secospace USG6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, TP3206 V100R002C00, VP9660 V500R002C00, V500R002C10 have a...

5.3AI score0.01285EPSS
Exploits0References1
CVE
CVE
added 2018/02/15 4:0 p.m.55 views

CVE-2017-17166

The CVE-2017-17166 issue affects Huawei DP300, Secospace USG6300/6500/6600, TP3206, and VP9660 devices across listed firmware branches, caused by improper processing of certain H.323 message fields. An unauthenticated remote attacker can send crafted H.323 messages to trigger stack memory exhaust...

5.3CVSS5.3AI score0.01285EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder