ID
VAR-201802-0559
CVE
CVE-2017-17153
TITLE
plural Huawei Vulnerability related to input validation in products
Trust: 0.8
DESCRIPTION
IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a memory leak vulnerability due to memory release failure resulted from insufficient input validation. An attacker could exploit it to cause memory leak, which may further lead to system exceptions. plural Huawei The product contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. The Huawei IPS Module and others are all products of China's Huawei (Huawei). Huawei IPS Module is an IPS security device. The NGFW Module is a firewall device. IKEv2 is one of the VPN protocols. IKEv2 in many Huawei products has a memory leak vulnerability, which is caused by the program not fully verifying the received packets. The following products and versions are affected: Huawei IPS Module V500R001C00 Version, V500R001C00SPC200 Version, V500R001C00SPC300 Version, V500R001C00SPC500 Version, V500R001C00SPH303 Version, V500R001C00SPH508 Version, V500R001C20 Version, V500R001C20SPC100 Version, V500R001C20SPC100PWE Version, V500R001C20SPC200 Version, V500R001C20SPC200B062 Version, V500R001C20SPC200PWE Version, V500R001C20SPC300B078 Version, V500R001C20SPC300PWE Version; NGFW Module V500R001C00 Version, V500R001C00SPC200 Version, V500R001C00SPC300 Version, V500R001C00SPC500 Version, V500R001C00SPC500PWE Version, V500R001C00SPH303 Version, V500R001C00SPH508 Version, V500R001C20 Version, V500R001C20SPC100 Version, V500R001C20SPC100PWE Version, V500R001C20SPC200 Version, V500R001C20SPC200B062 Version, V500R001C20SPC200PWE Version, V500R001C20SPC300B078 Version, V500R001C20SPC300PWE Version; NIP6300 ..
Trust: 1.71
AFFECTED PRODUCTS
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc101 | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc100 | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20 | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00sph508 | Trust: 1.6 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c20spc200 | Trust: 1.6 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00spc500pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc101 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00spc500pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c00sph508 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc101 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00sph508 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc101 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00spc500pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00sph508 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00spc301 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00sph508 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00spc500pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00spc100 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00spc303 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc200pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00spc500 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc300b078 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c00sph508 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | ngfw module | scope: | eq | version: | v500r001c20 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6500 | scope: | eq | version: | v500r001c00 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc300 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6600 | scope: | eq | version: | v500r001c20spc300pwe | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c20spc100 | Trust: 1.0 |
| vendor: | huawei | model: | secospace usg6300 | scope: | eq | version: | v500r001c20spc200 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00spc500pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c20spc100pwe | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | eq | version: | v500r001c00spc200 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c00spc300 | Trust: 1.0 |
| vendor: | huawei | model: | usg9500 | scope: | eq | version: | v500r001c00sph303 | Trust: 1.0 |
| vendor: | huawei | model: | nip6300 | scope: | eq | version: | v500r001c20spc200b062 | Trust: 1.0 |
| vendor: | huawei | model: | nip6600 | scope: | eq | version: | v500r001c00sph508 | Trust: 1.0 |
| vendor: | huawei | model: | ips module | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | ngfw module | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | nip6300 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | nip6600 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | secospace usg6300 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | secospace usg6500 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | secospace usg6600 | scope: | - | version: | - | Trust: 0.8 |
| vendor: | huawei | model: | usg9500 | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
| problemtype: | CWE-772 | Trust: 1.1 |
THREAT TYPE
remote
Trust: 0.6
TYPE
input validation error
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | huawei-sa-20171206-01-ikev2 | url: | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en | Trust: 0.8 |
| title: | Multiple Huawei product IKEv2 Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100241 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2017-17153 | Trust: 2.5 |
| db: | JVNDB | id: | JVNDB-2017-012416 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201712-320 | Trust: 0.7 |
| db: | VULHUB | id: | VHN-108147 | Trust: 0.1 |
REFERENCES
| url: | http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en | Trust: 1.7 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-17153 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2017-17153 | Trust: 0.8 |
SOURCES
| db: | VULHUB | id: | VHN-108147 |
| db: | JVNDB | id: | JVNDB-2017-012416 |
| db: | CNNVD | id: | CNNVD-201712-320 |
| db: | NVD | id: | CVE-2017-17153 |
LAST UPDATE DATE
2024-11-23T21:39:41.848000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-108147 | date: | 2019-10-03T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-012416 | date: | 2018-03-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-201712-320 | date: | 2019-10-23T00:00:00 |
| db: | NVD | id: | CVE-2017-17153 | date: | 2024-11-21T03:17:35.667 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-108147 | date: | 2018-02-15T00:00:00 |
| db: | JVNDB | id: | JVNDB-2017-012416 | date: | 2018-03-09T00:00:00 |
| db: | CNNVD | id: | CNNVD-201712-320 | date: | 2017-12-08T00:00:00 |
| db: | NVD | id: | CVE-2017-17153 | date: | 2018-02-15T16:29:01.720 |