CVE-2017-17165

Published Feb 15, 2018
Last updated 7 years ago
CVSS high 7.5
Overview

Description: IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5300 V200R003C00, V200R003C00SPC300T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R005C05, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5700 V200R003C00, V200R003C00SPC316T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S600-E V200R008C00, V200R009C00, S6300 V200R003C00, V200R005C00, V200R007C00, V200R008C00, V200R009C00, S6700 V200R003C00, V200R005C00, V200R005C01, V200R005C02, V200R007C00, V200R008C00, V200R009C00 has an out-of-bounds read vulnerability. An unauthenticated attacker may send crafted malformed IPv6 packets to the affected products. Due to insufficient verification of the packets, successful exploit will cause device to reset.
Source: psirt@huawei.com
NVD status: Analyzed
Risk scores

CVSS 3.0

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C
Weaknesses

nvd@nist.gov: CWE-125
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:quidway_s2700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B08E7609-C571-4153-AF1F-120B2DE2E7FA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:quidway_s2700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CC5853F5-8FEB-4B7E-9303-4BB25BE292F6"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:quidway_s5300_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D3FED39-7AA4-4F95-804E-906CEBFED132"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:quidway_s5300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4C872196-628D-42A2-AC58-69CD8784CE5D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:quidway_s5700_firmware:v200r003c00spc300:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C4323CCE-DD88-4955-8D80-30D7A6733C92"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:quidway_s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6E83E3A8-C28D-437E-AC09-153B8A2FD14E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C6CC00C-1056-426B-9828-1A886F2C8D41"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r003c00spc300t:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2309FEA1-08EF-4D7C-A696-A9A38E6AEDDD"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F1C82DA6-8D95-45D2-B54C-CFE1AA9CC1F1"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F982369-1A22-4F39-90AD-ABB824845774"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79FA2FDA-DB2D-47D9-8017-0E5D4EC8D620"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A40EFA43-E71F-464D-829C-8D4C60A57765"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2300_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C946DD64-C69E-4806-850C-D956D96CDE08"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s2300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "17566603-275F-4E6B-B5D9-4A716EEC03DC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AED7DFC5-846F-4F90-91A8-13E9E805C9CF"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "193FCE7A-C793-446B-9C39-20597FA7BC70"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E364889D-CDEE-4D8C-82E5-6D5BC3DD768A"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FB8FC67E-DFD3-482E-B7D6-17464885B8DC"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s2700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6F69BC3-E6C0-4E70-AC13-D79D840579DB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s2700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD2CD071-58E4-4061-8217-990453213470"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD601FFF-E623-4ADC-B286-D11B8004D7CF"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00spc300t:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BED3B4C-4656-4676-97BE-EE5012F73FE8"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "922D09A3-AC4E-4CAE-8737-5E3A8EB4F269"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r003c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D5A6744-9B7F-4FF4-BE1B-AB6E6249ECE3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5EAEF900-7C8C-4569-B74B-A802F951CC47"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB2B09C5-81F1-48B4-940D-6DFD06200139"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDC356D3-F015-46A0-8F7A-1C594F19535B"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4676DD73-3F04-4327-842A-1FCB6CB7650D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r005c05:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54E6A13C-2E5B-4130-BD37-5521852AFEB9"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58C2E728-E8F2-461D-A069-4BEC88B94FD0"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD6B13D4-07F3-4CB5-8194-89781E685A78"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5454BC21-A04F-4B3D-8533-2414B6E1BC8C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5300_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F31814D-5879-4FB9-BDAE-01CFC75D9AF4"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2CFEF08E-54C5-4D60-AFF0-37B00D6E2DDD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4907FBB8-5157-460D-9240-DD7D610C0FCC"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc316t:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17B32A0A-E35B-438E-A666-54700EF2ED69"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c00spc600:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D6F9128-F253-4EAC-84B1-93DC8F40C3F7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r003c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2898D6C5-77AB-4C1F-8134-B2DBD13EDB81"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DCF23DAE-1215-41B2-88C5-4436D846266C"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F64CA8E2-AF04-42B3-8E26-2EF379703B1F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB33B908-085C-43C6-B8B7-25BBF3614C9E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r005c03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B18ABC1-A970-472A-A8BF-934D1180930E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r006c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5973A534-F961-4A97-B20E-994BA28AFE29"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40745A01-E5AC-4207-A34F-D8E7F7231F83"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21FFF548-FBEF-468A-A8DE-1DB1B7C0B3AF"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s5700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48B5A9B7-A931-4806-8AC7-302C6CA49CF1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E22D3CFF-3353-4EE2-8933-84F395469D0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "299234CD-AD78-4C53-8B7E-C0B22681ADB2"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s600-e_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F40ADCF0-4FE9-492E-B34A-69BEF6DEAFE5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s600-e:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3E02D610-AB78-476B-9049-FDB66D9E9907"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C330A14-C941-4B28-AA9C-B78A96A9011D"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C6818ECD-730B-40D6-9108-B8540CC4BF1E"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5811970-FE82-4888-A01D-B356B5578296"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "939C73D9-E0E9-47A5-970E-6C84F5ECD2D7"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6300_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B39BBA0F-8EB9-40BA-B8DF-5C735F2216A3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AA3C8988-A1FC-4B04-9134-F2BDDADEAFB5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r003c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "749B68B9-9F62-4E7A-AC86-F4073BA32E18"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F18D9776-5CE7-4DD3-9119-7FB08A35B955"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4979AA8-0D8E-4F37-A7DC-709BE4821D51"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r005c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "898AC16A-8F4E-4709-A3B4-DE74FFB91130"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r007c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF4AF711-D921-4261-A459-2A0780EA951F"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r008c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DA5CF67-A58B-4666-B87E-712507233453"
          },
          {
            "criteria": "cpe:2.3:o:huawei:s6700_firmware:v200r009c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9EA93B5-01A5-4506-9B0A-993621E6940E"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:s6700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DA7AC10D-B0DD-4206-8642-134DDD585C06"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References
