Details of VAR-201802-0298

ID

VAR-201802-0298

CVE

CVE-2017-17301

TITLE

plural Huawei Cryptographic vulnerabilities in products

Trust: 0.8

sources: JVNDB: JVNDB-2017-012621

DESCRIPTION

Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name. plural Huawei The product contains cryptographic vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Huawei AR120-S is a router product of China Huawei. A weak encryption algorithm vulnerability exists in several Huawei products because the program failed to correctly parse the value in the certificate. A remote attacker can exploit this vulnerability to forge an RSA signature with a specially crafted certificate. There are security vulnerabilities in several Huawei products. The following products and versions are affected: Huawei AR120-S V200R005C32 Version, V200R006C10 Version, V200R007C00 Version, V200R008C20 Version; AR1200 V200R005C20 Version, V200R005C32 Version, V200R006C10 Version, V200R007C00 Version, V200R007C01 Version, V200R007C02 Version, V200R008C20 Version; AR1200-S V200R005C32 Version , V200R006C10 version, V200R007C00 version, V200R008C20; AR150, etc

Trust: 2.25

sources: NVD: CVE-2017-17301 // JVNDB: JVNDB-2017-012621 // CNVD: CNVD-2017-38101 // VULHUB: VHN-108310

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-38101

AFFECTED PRODUCTS

vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r006c00	Trust: 1.6
vendor:	huawei	model:	viewpoint 8660	scope:	eq	version:	v100r008c03	Trust: 1.6
vendor:	huawei	model:	espace u1981	scope:	eq	version:	v200r003c20	Trust: 1.6
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r003c00	Trust: 1.6
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r003c10	Trust: 1.6
vendor:	huawei	model:	espace iad	scope:	eq	version:	v300r002c01	Trust: 1.6
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v200r001c00	Trust: 1.6
vendor:	huawei	model:	espace u1981	scope:	eq	version:	v200r003c30	Trust: 1.6
vendor:	huawei	model:	espace usm	scope:	eq	version:	v100r001c01	Trust: 1.6
vendor:	huawei	model:	espace usm	scope:	eq	version:	v300r001c00	Trust: 1.6
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r003c00	Trust: 1.0
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r003c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v100r005c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r006c00	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r005c20	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v200r001c00	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r005c10	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r006c11	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v200r001c00	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	viewpoint 8660	scope:	eq	version:	v100r008c02	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r003c00	Trust: 1.0
vendor:	huawei	model:	cloudengine 5800	scope:	eq	version:	v100r003c10	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	te30	scope:	eq	version:	v100r001c10	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	te60	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r006c00	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c10	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r005c10	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r003c00	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v100r003c10	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r005c10	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	vp9660	scope:	eq	version:	v200r001c02	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	vp9660	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r008c30	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	ar3600	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r007c01	Trust: 1.0
vendor:	huawei	model:	cloudengine 6800	scope:	eq	version:	v200r001c00	Trust: 1.0
vendor:	huawei	model:	dp300	scope:	eq	version:	v500r002c00	Trust: 1.0
vendor:	huawei	model:	ar200-s	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	ar150	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	te60	scope:	eq	version:	v100r003c00	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	vp9660	scope:	eq	version:	v200r001c30	Trust: 1.0
vendor:	huawei	model:	ar2200	scope:	eq	version:	v200r005c20	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar1200	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r007c02	Trust: 1.0
vendor:	huawei	model:	ar510	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r006c00	Trust: 1.0
vendor:	huawei	model:	smc2.0	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	srg2300	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar1200-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	cloudengine 7800	scope:	eq	version:	v100r005c00	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar2200-s	scope:	eq	version:	v200r006c10	Trust: 1.0
vendor:	huawei	model:	srg1300	scope:	eq	version:	v200r007c00	Trust: 1.0
vendor:	huawei	model:	srg3300	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	cloudengine 12800	scope:	eq	version:	v100r003c10	Trust: 1.0
vendor:	huawei	model:	ar3200	scope:	eq	version:	v200r005c32	Trust: 1.0
vendor:	huawei	model:	ar160	scope:	eq	version:	v200r008c20	Trust: 1.0
vendor:	huawei	model:	ar120-s	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	cloudengine 12800	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	dp300	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	espace iad	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	smc2.0	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	srg1300	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	te30	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	viewpoint 8660	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	vp9660	scope:	-	version:	-	Trust: 0.8
vendor:	huawei	model:	ar120-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar120-s v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r005c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar1200-s v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar150 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar160 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar200-s v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200 v200r005c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar2200-s v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r006c11	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3200 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar3600 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	ar510 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c00	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r002c00	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v200r001c00	scope:	eq	version:	12800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r002c00	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c00	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v200r001c00	scope:	eq	version:	5800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r002c00	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c00	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v200r001c00	scope:	eq	version:	6800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c10	scope:	eq	version:	7800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c00	scope:	eq	version:	7800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r005c10	scope:	eq	version:	7800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r006c00	scope:	eq	version:	7800	Trust: 0.6
vendor:	huawei	model:	cloudengine v100r003c00	scope:	eq	version:	7800	Trust: 0.6
vendor:	huawei	model:	cloudengine v200r001c00	scope:	eq	version:	7800	Trust: 0.6
vendor:	huawei	model:	dp300 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v100r003c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	smc2.0 v100r005c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r007c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r008c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg1300 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r007c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg2300 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r006c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r007c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r008c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	srg3300 v200r005c32	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te30 v100r001c10	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te60 v100r003c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	te60 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	vp9660 v200r001c02	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	vp9660 v200r001c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	vp9660 v500r002c00	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	viewpoint v100r008c03	scope:	eq	version:	8660	Trust: 0.6
vendor:	huawei	model:	viewpoint v100r008c02	scope:	eq	version:	8660	Trust: 0.6
vendor:	huawei	model:	espace iad v300r002c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	espace u1981 v200r003c30	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	espace u1981 v200r003c20	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	espace usm v100r001c01	scope:	-	version:	-	Trust: 0.6
vendor:	huawei	model:	espace usm v300r001c00	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2017-38101 // JVNDB: JVNDB-2017-012621 // CNNVD: CNNVD-201712-871 // NVD: CVE-2017-17301

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-17301
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2017-17301
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2017-38101
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201712-871
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-108310
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-17301
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2017-38101
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-108310
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-17301
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2017-38101 // VULHUB: VHN-108310 // JVNDB: JVNDB-2017-012621 // CNNVD: CNNVD-201712-871 // NVD: CVE-2017-17301

PROBLEMTYPE DATA

problemtype:	CWE-295	Trust: 1.1
problemtype:	CWE-310	Trust: 0.9

sources: VULHUB: VHN-108310 // JVNDB: JVNDB-2017-012621 // NVD: CVE-2017-17301

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201712-871

TYPE

trust management problem

Trust: 0.6

sources: CNNVD: CNNVD-201712-871

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-012621

PATCH

title:	huawei-sa-20171222-01-cryptography	url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en	Trust: 0.8
title:	Patches for multiple Huawei product weak encryption algorithm vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/111723	Trust: 0.6
title:	Multiple Huawei Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77320	Trust: 0.6

sources: CNVD: CNVD-2017-38101 // JVNDB: JVNDB-2017-012621 // CNNVD: CNNVD-201712-871

EXTERNAL IDS

db:	NVD	id:	CVE-2017-17301	Trust: 3.1
db:	JVNDB	id:	JVNDB-2017-012621	Trust: 0.8
db:	CNNVD	id:	CNNVD-201712-871	Trust: 0.7
db:	CNVD	id:	CNVD-2017-38101	Trust: 0.6
db:	VULHUB	id:	VHN-108310	Trust: 0.1

sources: CNVD: CNVD-2017-38101 // VULHUB: VHN-108310 // JVNDB: JVNDB-2017-012621 // CNNVD: CNNVD-201712-871 // NVD: CVE-2017-17301

REFERENCES

url:	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17301	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-17301	Trust: 0.8
url:	http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171222-01-cryptography-cn	Trust: 0.6

sources: CNVD: CNVD-2017-38101 // VULHUB: VHN-108310 // JVNDB: JVNDB-2017-012621 // CNNVD: CNNVD-201712-871 // NVD: CVE-2017-17301

CREDITS

Huawei internal tester

Trust: 0.6

sources: CNNVD: CNNVD-201712-871

SOURCES

db:	CNVD	id:	CNVD-2017-38101
db:	VULHUB	id:	VHN-108310
db:	JVNDB	id:	JVNDB-2017-012621
db:	CNNVD	id:	CNNVD-201712-871
db:	NVD	id:	CVE-2017-17301

LAST UPDATE DATE

2024-11-23T22:12:40.694000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-38101	date:	2017-12-26T00:00:00
db:	VULHUB	id:	VHN-108310	date:	2019-10-03T00:00:00
db:	JVNDB	id:	JVNDB-2017-012621	date:	2018-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201712-871	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2017-17301	date:	2024-11-21T03:17:47.340

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-38101	date:	2017-12-26T00:00:00
db:	VULHUB	id:	VHN-108310	date:	2018-02-15T00:00:00
db:	JVNDB	id:	JVNDB-2017-012621	date:	2018-03-27T00:00:00
db:	CNNVD	id:	CNNVD-201712-871	date:	2017-12-25T00:00:00
db:	NVD	id:	CVE-2017-17301	date:	2018-02-15T16:29:03.610