CVE-2017-17167

Published Mar 9, 2018

Last updated 7 years ago

CVSS medium 5.9

Overview

Description: Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could result in the exposure of sensitive information.
Source: psirt@huawei.com
NVD status: Modified

Risk scores

CVSS 3.0

Type: Primary
Base score: 5.9
Impact score: 3.6
Exploitability score: 2.2
Vector string: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity: MEDIUM

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-327

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:dp300_firmware:v500r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8871106B-D3AF-4CFB-A544-1FA411642428"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:dp300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7F3483B2-9EB6-4E34-900A-945C04A3160D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:tp3206_firmware:v100r002c00:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D28E0627-0B19-4616-933E-76294F83813F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:tp3206:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "45ED506D-5094-476B-83F0-CBBED04EF348"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C83F8B1-67D2-4D4C-8FB5-2C61EDD0FCF3"
          },
          {
            "criteria": "cpe:2.3:o:huawei:viewpoint_9030_firmware:v100r011c03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0ADEC8B2-CD7F-4246-88C0-E27B939829AB"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:huawei:viewpoint_9030:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F6208C34-D92D-4605-B4AF-6EA597CBA0F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.0

CVSS 2.0

Weaknesses

Social media

Configurations

References