CVE-2017-17312
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
21/08/2018
Last modified:
12/10/2018
Description
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted packets to the affected device to exploit these vulnerabilities. Successful exploit the vulnerability could lead to device deny of service.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:huawei:usg2205bsr_firmware:v300r001c10spc600:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:usg2205bsr:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:usg2220bsr_firmware:v300r001c00:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:usg2220bsr:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:usg5120bsr_firmware:v300r001c00:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:usg5120bsr:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:huawei:usg5150bsr_firmware:v300r001c00:*:*:*:*:*:*:* | ||
| cpe:2.3:h:huawei:usg5150bsr:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page