Sign-up

ID

VAR-201711-1008


CVE

CVE-2017-8163


TITLE

plural Huawei Product out-of-bounds vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-010624

DESCRIPTION

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR160 with software V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 with software V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 with software V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 with software V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR510 with software V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, V200R008C20, V200R008C30,NetEngine16EX with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,SMC2.0 with software V100R003C10, V100R005C00, V500R002C00, V600R006C00,SRG1300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG2300 with software V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30,SRG3300 with software V200R006C10, V200R007C00, V200R008C20, V200R008C30 have an out-of-bounds read vulnerability. Due to insufficient input validation, an authenticated, remote attacker could send specially crafted message to the target device.Successful exploit of the vulnerability could cause out-of-bounds read and system crash. plural Huawei The product contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The AR series, SRG series, and NetEngine16EX service routing gateways are Huawei's all-in-one integrated service gateways for small and medium-sized branches and small and medium-sized enterprises. Huawei SMC2.0 is a video service management platform. A cross-border read vulnerability exists in several Huawei products due to the device's failure to fully verify user input. Huawei AR120-S and others are all router products of China Huawei (Huawei). There are security vulnerabilities in several Huawei products. The vulnerability is caused by the program's insufficient implementation of input validation. The following products and versions are affected: Huawei AR120-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR1200 V200R006C10 Version, V200R006C13 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR1200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR150 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR150-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR160 V200R006C10 Version, V200R006C12 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version, V200R008C30 Version; AR200 V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R008C20 Version, V200R008C30 Version; AR200-S V200R006C10 Version, V200R007C00 Version, V200R008C20 Version, V200R008C30 Version; AR2200

Trust: 2.25

sources: NVD: CVE-2017-8163 // JVNDB: JVNDB-2017-010624 // CNVD: CNVD-2017-34449 // VULHUB: VHN-116366

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2017-34449

AFFECTED PRODUCTS

vendor:huaweimodel:ar2200scope:eqversion:v200r008c30

Trust: 1.6

vendor:huaweimodel:ar2200scope:eqversion:v200r007c01

Trust: 1.6

vendor:huaweimodel:ar2200-sscope:eqversion:v200r007c00

Trust: 1.6

vendor:huaweimodel:ar2200scope:eqversion:v200r007c00

Trust: 1.6

vendor:huaweimodel:ar2200scope:eqversion:v200r006c13

Trust: 1.6

vendor:huaweimodel:ar2200-sscope:eqversion:v200r008c20

Trust: 1.6

vendor:huaweimodel:ar2200scope:eqversion:v200r007c02

Trust: 1.6

vendor:huaweimodel:ar2200scope:eqversion:v200r006c16pwe

Trust: 1.6

vendor:huaweimodel:ar2200scope:eqversion:v200r008c20

Trust: 1.6

vendor:huaweimodel:ar2200-sscope:eqversion:v200r006c10

Trust: 1.6

vendor:huaweimodel:ar150-sscope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar200scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:smc2.0scope:eqversion:v600r006c00

Trust: 1.0

vendor:huaweimodel:srg2300scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:srg3300scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r006c12

Trust: 1.0

vendor:huaweimodel:srg3300scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar120-sscope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar120-sscope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r006c11

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r006c13

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r008c00

Trust: 1.0

vendor:huaweimodel:ar200-sscope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar200-sscope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar150scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r007c02

Trust: 1.0

vendor:huaweimodel:ar150scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r006c17

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r008c10

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r006c16

Trust: 1.0

vendor:huaweimodel:netengine16exscope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:netengine16exscope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:srg1300scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:ar150scope:eqversion:v200r007c02

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar150-sscope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:srg2300scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:smc2.0scope:eqversion:v100r003c10

Trust: 1.0

vendor:huaweimodel:ar1200-sscope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar200scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar200scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar2200-sscope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:smc2.0scope:eqversion:v500r002c00

Trust: 1.0

vendor:huaweimodel:ar1200-sscope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:srg1300scope:eqversion:v200r007c02

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r007c02

Trust: 1.0

vendor:huaweimodel:ar120-sscope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar200scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar2200scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:srg3300scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:srg2300scope:eqversion:v200r007c02

Trust: 1.0

vendor:huaweimodel:srg3300scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar150scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar150scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar120-sscope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r006c12

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r007c01

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r006c13

Trust: 1.0

vendor:huaweimodel:ar200-sscope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar200-sscope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar150scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar200scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:srg1300scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar1200scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:srg1300scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar3200scope:eqversion:v200r007c02

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:smc2.0scope:eqversion:v100r005c00

Trust: 1.0

vendor:huaweimodel:ar150-sscope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar150-sscope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:netengine16exscope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:srg2300scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:srg2300scope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:ar1200-sscope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar1200-sscope:eqversion:v200r006c10

Trust: 1.0

vendor:huaweimodel:netengine16exscope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:srg1300scope:eqversion:v200r007c00

Trust: 1.0

vendor:huaweimodel:ar510scope:eqversion:v200r006c15

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r008c20

Trust: 1.0

vendor:huaweimodel:ar160scope:eqversion:v200r008c30

Trust: 1.0

vendor:huaweimodel:ar120-sscope: - version: -

Trust: 0.8

vendor:huaweimodel:ar1200scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar1200-sscope: - version: -

Trust: 0.8

vendor:huaweimodel:ar150scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar150-sscope: - version: -

Trust: 0.8

vendor:huaweimodel:ar160scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar200scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar200-sscope: - version: -

Trust: 0.8

vendor:huaweimodel:ar2200scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar2200-sscope: - version: -

Trust: 0.8

vendor:huaweimodel:ar3200scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar510scope: - version: -

Trust: 0.8

vendor:huaweimodel:netengine16exscope: - version: -

Trust: 0.8

vendor:huaweimodel:smc2.0scope: - version: -

Trust: 0.8

vendor:huaweimodel:srg1300scope: - version: -

Trust: 0.8

vendor:huaweimodel:srg2300scope: - version: -

Trust: 0.8

vendor:huaweimodel:srg3300scope: - version: -

Trust: 0.8

vendor:huaweimodel:ar3200 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:smc2.0 v100r003c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:smc2.0 v500r002c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:smc2.0 v600r006c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar120-s v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar120-s v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar120-s v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar120-s v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r006c13scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200-s v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200-s v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200-s v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar1200-s v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150-s v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150-s v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150-s v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar150-s v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r006c12scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar160 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200-s v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200-s v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200-s v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar200-s v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r006c13scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar2200 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r006c11scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r008c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r008c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar3200 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r006c12scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r006c13scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r006c15scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r006c16scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r006c17scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:ar510 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:netengine16ex v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:netengine16ex v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:netengine16ex v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:netengine16ex v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:smc2.0 v100r005c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg1300 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg1300 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg1300 v200r007c01scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg1300 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg1300 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg1300 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg2300 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg2300 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg2300 v200r007c02scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg2300 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg2300 v200r008c30scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg3300 v200r006c10scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg3300 v200r007c00scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg3300 v200r008c20scope: - version: -

Trust: 0.6

vendor:huaweimodel:srg3300 v200r008c30scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2017-34449 // JVNDB: JVNDB-2017-010624 // CNNVD: CNNVD-201711-968 // NVD: CVE-2017-8163

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-8163
value: MEDIUM

Trust: 1.0

NVD: CVE-2017-8163
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2017-34449
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201711-968
value: MEDIUM

Trust: 0.6

VULHUB: VHN-116366
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-8163
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2017-34449
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-116366
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-8163
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2017-34449 // VULHUB: VHN-116366 // JVNDB: JVNDB-2017-010624 // CNNVD: CNNVD-201711-968 // NVD: CVE-2017-8163

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.9

sources: VULHUB: VHN-116366 // JVNDB: JVNDB-2017-010624 // NVD: CVE-2017-8163

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201711-968

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201711-968

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2017-010624

PATCH
title:huawei-sa-20171018-01-h323url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-h323-en
Trust: 0.8
title:Patch of various Huawei products beyond the boundary read vulnerability (CNVD-2017-34449)url:https://www.cnvd.org.cn/patchInfo/show/106350
Trust: 0.6
title:Multiple Huawei Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=76678
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-34449 // 
            
            
            
            JVNDB: JVNDB-2017-010624 // 
            
            
            
            CNNVD: CNNVD-201711-968

EXTERNAL IDS
db:NVDid:CVE-2017-8163
Trust: 3.1
db:JVNDBid:JVNDB-2017-010624
Trust: 0.8
db:CNNVDid:CNNVD-201711-968
Trust: 0.7
db:CNVDid:CNVD-2017-34449
Trust: 0.6
db:VULHUBid:VHN-116366
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2017-34449 // 
            
            
            
            VULHUB: VHN-116366 // 
            
            
            
            JVNDB: JVNDB-2017-010624 // 
            
            
            
            CNNVD: CNNVD-201711-968 // 
            
            
            
            NVD: CVE-2017-8163

REFERENCES
url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171018-01-h323-en
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-8163
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2017-8163
Trust: 0.8
url:http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171018-01-h323-cn
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2017-34449 // 
            
            
            
            VULHUB: VHN-116366 // 
            
            
            
            JVNDB: JVNDB-2017-010624 // 
            
            
            
            CNNVD: CNNVD-201711-968 // 
            
            
            
            NVD: CVE-2017-8163

SOURCES
db:CNVDid:CNVD-2017-34449
db:VULHUBid:VHN-116366
db:JVNDBid:JVNDB-2017-010624
db:CNNVDid:CNNVD-201711-968
db:NVDid:CVE-2017-8163

LAST UPDATE DATE
2024-11-23T22:52:15.750000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2017-34449date:2017-11-17T00:00:00
db:VULHUBid:VHN-116366date:2017-12-08T00:00:00
db:JVNDBid:JVNDB-2017-010624date:2017-12-20T00:00:00
db:CNNVDid:CNNVD-201711-968date:2017-11-30T00:00:00
db:NVDid:CVE-2017-8163date:2024-11-21T03:33:26.833

SOURCES RELEASE DATE
db:CNVDid:CNVD-2017-34449date:2017-11-17T00:00:00
db:VULHUBid:VHN-116366date:2017-11-22T00:00:00
db:JVNDBid:JVNDB-2017-010624date:2017-12-20T00:00:00
db:CNNVDid:CNNVD-201711-968date:2017-11-23T00:00:00
db:NVDid:CVE-2017-8163date:2017-11-22T19:29:03.803