CVE-2017-17160

Published Feb 15, 2018
Last updated 7 years ago
CVSS medium 5.9
Overview

Description: Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart.
Source: psirt@huawei.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 7.1
Impact score: 6.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-787
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9EC3BAF-54F8-4EEC-A99B-D8BD458EE638"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DD9E894-321E-4A61-9DA6-677042DDD739"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CFE416CD-53B5-4E08-BB30-682887740C3D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83D6C34F-ED85-461D-89AF-3B8C439867FF"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4459EF03-890E-446E-8702-8F7CE499FB48"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBB60F62-0715-4C1E-B352-A3D61B56E2AD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0D92A6F-B30C-4E09-91FC-9C7FFF375710"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C1B1393-1D47-448D-A5FF-0B2EF74CF172"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72BC8C3E-420F-49D1-9E58-98E4E23A024F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "787AC5E3-CE88-491D-8211-BAB11112019D"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85A72083-717F-4C71-A2D7-62E1C64FEE94"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAB93A84-773E-4DDF-B8B6-8705D2000CBB"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34CCEC64-BD07-49F7-8804-98A74257F060"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7C77ADC-2511-4630-B5F5-F2991EA39E0A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7114E20-407A-4B1C-9FCE-FF367B50E0E6"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE9B95EB-A848-4311-8500-9C909784393E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F042B27-F875-4BA3-9002-E5ADC544208B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FC62ECA-1F47-4316-87F4-60E7E8FFCEB9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c16pwe:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DD069FB1-8A7E-4D29-94F2-D7F94BA306D4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32119825-AF22-44AA-8D04-1FAACF9E2E89"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A2BC38B-D016-4E83-A14E-FE8575135DD9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B897F931-00B2-4FDF-90CE-5077416E42BC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B8BE6310-A42C-4BB3-BB02-7CE6F4FF340D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC727A7A-CF3D-4DC9-9083-A0CE8ED886A8"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26CFB676-658E-4DEF-8C29-13CA633D7270"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D395DD8-E338-457E-A4E6-D3A08DE1B571"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4072905-CA96-44F9-8868-BB20BDC56EE6"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1CE13681-CF1A-4765-B35A-E6E674C334B4"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F77B216-3E00-4EC0-9BEB-6ACD322874C8"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5F06D60-CC92-4B27-9248-40C9CD8EF000"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03F01709-8D14-4C0D-9990-0BC01AAEE1B3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50C579A9-2768-4202-9171-BC803554E923"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FCD9E893-609B-4C97-82E6-0651AEC39D14"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE7A0E2C-8383-443D-8625-77CBC53D2140"
          },
          {
            "criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F719A3F-2EEE-470B-B42B-0E4B7C7CBD89"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DF1DFD2-5337-45CA-A1A9-2E6622536027"
          },
          {
            "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27D882C1-BFE2-4C29-86FF-C10F86323D5E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D485D5E3-3819-4F3A-B841-ACB6253ACF2F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38"
          },
          {
            "criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B0E2E7D1-1F41-4EB2-9401-A3C4F988D64C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "309B9B0E-3639-4913-9DE4-9D4DAE6B0065"
          },
          {
            "criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
