CVE-2017-8174
Severity CVSS v4.0:
Pending analysis
Type:
CWE-326
Inadequate Encryption Strength
Publication date:
22/11/2017
Last modified:
20/04/2025
Description
Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:huawei:secospace_usg6300_firmware:v100r001c30spc300:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:secospace_usg6300:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c30spc500:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c30spc600:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c30spc700:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:secospace_usg6600_firmware:v100r001c30spc800:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:secospace_usg6600:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page