ID

VAR-201802-0450


CVE

CVE-2017-17156


TITLE

plural Huawei Vulnerability related to input validation in products

Trust: 0.8

sources: JVNDB: JVNDB-2017-012419

DESCRIPTION

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has an out-of-bounds memory access vulnerability due to insufficient input validation. An attacker could exploit it to craft special packets to trigger out-of-bounds memory access, which may further lead to system exceptions. plural Huawei The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The Huawei IPS Module and others are all products of China's Huawei (Huawei). Huawei IPS Module is an IPS security device. The NGFW Module is a firewall device. IKEv2 is one of the VPN protocols. There are security vulnerabilities in IKEv2 in many Huawei products. The following products and versions are affected: Huawei IPS Module V500R001C00 Version, V500R001C00SPC200 Version, V500R001C00SPC300 Version, V500R001C00SPC500 Version, V500R001C00SPH303 Version, V500R001C00SPH508 Version, V500R001C20 Version, V500R001C20SPC100 Version, V500R001C20SPC100PWE Version, V500R001C20SPC200 Version, V500R001C20SPC200B062 Version, V500R001C20SPC200PWE Version, V500R001C20SPC300B078 Version, V500R001C20SPC300PWE Version; NGFW Module V500R001C00 Version, V500R001C00SPC200 Version, V500R001C00SPC300 Version, V500R001C00SPC500 Version, V500R001C00SPC500PWE Version, V500R001C00SPH303 Version, V500R001C00SPH508 Version, V500R001C20 Version, V500R001C20SPC100 Version, V500R001C20SPC100PWE Version, V500R001C20SPC200 Version, V500R001C20SPC200B062 Version, V500R001C20SPC200PWE Version, V500R001C20SPC300B078 Version, V500R001C20SPC300PWE Version; NIP6300 ..

Trust: 1.71

sources: NVD: CVE-2017-17156 // JVNDB: JVNDB-2017-012419 // VULHUB: VHN-108150

AFFECTED PRODUCTS

vendor:huaweimodel:nip6300scope:eqversion:v500r001c00spc200

Trust: 1.6

vendor:huaweimodel:nip6300scope:eqversion:v500r001c00sph303

Trust: 1.6

vendor:huaweimodel:nip6300scope:eqversion:v500r001c00spc300

Trust: 1.6

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00spc500

Trust: 1.6

vendor:huaweimodel:nip6300scope:eqversion:v500r001c00spc500

Trust: 1.6

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc200pwe

Trust: 1.6

vendor:huaweimodel:nip6300scope:eqversion:v500r001c00

Trust: 1.6

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc300pwe

Trust: 1.6

vendor:huaweimodel:nip6300scope:eqversion:v500r001c00sph508

Trust: 1.6

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20

Trust: 1.6

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00spc500pwe

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc101

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c00spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00spc500pwe

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c00sph508

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc101

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c00spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00sph508

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00sph508

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc101

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00spc500pwe

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc300pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00sph508

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00spc500

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00spc301

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00sph508

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc300pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc300pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00spc500

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc300pwe

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00spc500pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20spc300pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00spc100

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00spc303

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c00spc500

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc200pwe

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00spc500

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c20spc101

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc300b078

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:ngfw modulescope:eqversion:v500r001c20

Trust: 1.0

vendor:huaweimodel:secospace usg6500scope:eqversion:v500r001c00

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc300

Trust: 1.0

vendor:huaweimodel:secospace usg6600scope:eqversion:v500r001c20spc300pwe

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c20spc100

Trust: 1.0

vendor:huaweimodel:secospace usg6300scope:eqversion:v500r001c20spc200

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00spc500pwe

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c20spc100pwe

Trust: 1.0

vendor:huaweimodel:ips modulescope:eqversion:v500r001c00spc200

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c00spc300

Trust: 1.0

vendor:huaweimodel:usg9500scope:eqversion:v500r001c00sph303

Trust: 1.0

vendor:huaweimodel:nip6300scope:eqversion:v500r001c20spc200b062

Trust: 1.0

vendor:huaweimodel:nip6600scope:eqversion:v500r001c00sph508

Trust: 1.0

vendor:huaweimodel:ips modulescope: - version: -

Trust: 0.8

vendor:huaweimodel:ngfw modulescope: - version: -

Trust: 0.8

vendor:huaweimodel:nip6300scope: - version: -

Trust: 0.8

vendor:huaweimodel:nip6600scope: - version: -

Trust: 0.8

vendor:huaweimodel:secospace usg6300scope: - version: -

Trust: 0.8

vendor:huaweimodel:secospace usg6500scope: - version: -

Trust: 0.8

vendor:huaweimodel:secospace usg6600scope: - version: -

Trust: 0.8

vendor:huaweimodel:usg9500scope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2017-012419 // CNNVD: CNNVD-201712-317 // NVD: CVE-2017-17156

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-17156
value: HIGH

Trust: 1.0

NVD: CVE-2017-17156
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201712-317
value: MEDIUM

Trust: 0.6

VULHUB: VHN-108150
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-17156
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-108150
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-17156
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-108150 // JVNDB: JVNDB-2017-012419 // CNNVD: CNNVD-201712-317 // NVD: CVE-2017-17156

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-108150 // JVNDB: JVNDB-2017-012419 // NVD: CVE-2017-17156

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201712-317

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201712-317

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-012419

PATCH

title:huawei-sa-20171206-01-ikev2url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en

Trust: 0.8

sources: JVNDB: JVNDB-2017-012419

EXTERNAL IDS

db:NVDid:CVE-2017-17156

Trust: 2.5

db:JVNDBid:JVNDB-2017-012419

Trust: 0.8

db:CNNVDid:CNNVD-201712-317

Trust: 0.7

db:VULHUBid:VHN-108150

Trust: 0.1

sources: VULHUB: VHN-108150 // JVNDB: JVNDB-2017-012419 // CNNVD: CNNVD-201712-317 // NVD: CVE-2017-17156

REFERENCES

url:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17156

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2017-17156

Trust: 0.8

sources: VULHUB: VHN-108150 // JVNDB: JVNDB-2017-012419 // CNNVD: CNNVD-201712-317 // NVD: CVE-2017-17156

SOURCES

db:VULHUBid:VHN-108150
db:JVNDBid:JVNDB-2017-012419
db:CNNVDid:CNNVD-201712-317
db:NVDid:CVE-2017-17156

LAST UPDATE DATE

2024-11-23T22:52:12.948000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-108150date:2018-02-24T00:00:00
db:JVNDBid:JVNDB-2017-012419date:2018-03-09T00:00:00
db:CNNVDid:CNNVD-201712-317date:2018-02-22T00:00:00
db:NVDid:CVE-2017-17156date:2024-11-21T03:17:36.103

SOURCES RELEASE DATE

db:VULHUBid:VHN-108150date:2018-02-15T00:00:00
db:JVNDBid:JVNDB-2017-012419date:2018-03-09T00:00:00
db:CNNVDid:CNNVD-201712-317date:2017-12-08T00:00:00
db:NVDid:CVE-2017-17156date:2018-02-15T16:29:01.877