cnvd - cnvd-2017-37678

cnvd-2017-37678

Vulnerability from cnvd

Title: 多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞

Description:

Huawei AC6005等都是中国华为（Huawei）公司的产品。Huawei AC6005是一款接入控制设备。CloudEngine 12800是一款数据中心交换机设备。

多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞。当设备接收到特定LSA报文，LS (Link Status)老化时间会被设置为MaxAge，即3600秒。攻击者可以利用这个漏洞毒化路由表并发起拒绝服务攻击。

Severity: 中

Patch Name: 多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞的补丁

Patch Description:

Huawei AC6005等都是中国华为（Huawei）公司的产品。Huawei AC6005是一款接入控制设备。CloudEngine 12800是一款数据中心交换机设备。

多款Huawei产品产品OSPF协议存在MaxAge LSA漏洞。当设备接收到特定LSA报文，LS (Link Status)老化时间会被设置为MaxAge，即3600秒。攻击者可以利用这个漏洞毒化路由表并发起拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170720-01-ospf-cn

Reference: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en

Impacted products

Name
['Huawei Secospace USG6600 V500R001C00', 'Huawei CloudEngine 12800 V100R003C00', 'Huawei CloudEngine 12800 V100R005C00', 'Huawei CloudEngine 12800 V100R005C10', 'Huawei S12700 V200R005C00', 'Huawei S9700 V200R001C00', 'Huawei S9700 V200R002C00', 'Huawei S9700 V200R006C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R006C00', 'Huawei S12700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei CloudEngine 12800 V100R006C00', 'Huawei CloudEngine 5800 V100R005C00', 'Huawei CloudEngine 5800 V100R005C10', 'Huawei CloudEngine 5800 V100R006C00', 'Huawei CloudEngine 6800 V100R005C00', 'Huawei CloudEngine 6800 V100R005C10', 'Huawei CloudEngine 6800 V100R006C00', 'Huawei CloudEngine 7800 V100R005C00', 'Huawei CloudEngine 7800 V100R005C10', 'Huawei CloudEngine 7800 V100R006C00', 'Huawei CloudEngine 8800 V100R006C00', 'Huawei S9700 V200R008C00', 'Huawei CloudEngine 5800 V100R003C00', 'Huawei CloudEngine 6800 V100R003C00', 'Huawei CloudEngine 7800 V100R003C00', 'Huawei CloudEngine 12800 V200R001C00', 'Huawei CloudEngine 6800 V200R001C00', 'Huawei CloudEngine 7800 V200R001C00', 'Huawei CloudEngine 8800 V200R001C00', 'Huawei AC6005 V200R006C10SPC200', 'Huawei AR1200 V200R005C10CP0582T', 'Huawei AR200 V200R005C20SPC026T', 'Huawei AR3200 V200R005C20SPC026T', 'Huawei Secospace USG6600 V500R001C20', 'Huawei Secospace USG6600 V500R001C30', 'Huawei AC6605 V200R006C10SPC200', 'Huawei AR1200 V200R005C10HP0581T', 'Huawei AR1200 V200R005C20SPC026T', 'Huawei CloudEngine 5800 V200R001C00', 'Huawei E600 V200R008C00', 'Huawei S1700 V100R006C00', 'Huawei S1700 V100R007C00', 'Huawei S1700 V200R006C00', 'Huawei S2300 V100R005C00', 'Huawei S2300 V100R006C00', 'Huawei S2300 V100R006C05', 'Huawei S2300 V200R003C00', 'Huawei S2300 V200R003C02', 'Huawei S2300 V200R003C10', 'Huawei S2300 V200R005C00', 'Huawei S2300 V200R005C01', 'Huawei S2300 V200R005C02', 'Huawei S2300 V200R005C03', 'Huawei S2300 V200R007C00', 'Huawei S2300 V200R008C00', 'Huawei S2700 V100R005C00', 'Huawei S2700 V100R006C00', 'Huawei S2700 V100R006C03', 'Huawei S2700 V100R006C05', 'Huawei S2700 V200R003C00', 'Huawei S2700 V200R003C02', 'Huawei S2700 V200R003C10', 'Huawei S2700 V200R005C00', 'Huawei S2700 V200R005C01', 'Huawei S2700 V200R005C02', 'Huawei S2700 V200R005C03', 'Huawei S2700 V200R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5300 V100R005C00', 'Huawei S5300 V100R006C00', 'Huawei S5300 V100R006C01', 'Huawei S5300 V200R001C01', 'Huawei S5300 V200R002C00', 'Huawei S5300 V200R003C00', 'Huawei S5300 V200R003C02', 'Huawei S5300 V200R003C10', 'Huawei S5300 V200R005C00', 'Huawei S5300 V200R006C00', 'Huawei S5300 V200R007C00', 'Huawei S5300 V200R008C00', 'Huawei S5700 V100R005C00', 'Huawei S5700 V100R006C00', 'Huawei S5700 V100R006C01', 'Huawei S5700 V200R001C00', 'Huawei S5700 V200R001C01', 'Huawei S5700 V200R002C00', 'Huawei S5700 V200R003C00', 'Huawei S5700 V200R003C02', 'Huawei S5700 V200R003C10', 'Huawei S5700 V200R005C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S6300 V100R006C00', 'Huawei S6300 V200R001C01', 'Huawei S6300 V200R002C00', 'Huawei S6300 V200R003C00', 'Huawei S6300 V200R003C02', 'Huawei S6300 V200R003C10', 'Huawei S6300 V200R005C00', 'Huawei S6300 V200R008C00', 'Huawei S6700 V100R006C00', 'Huawei S6700 V200R001C01', 'Huawei S6700 V200R002C00', 'Huawei S6700 V200R003C00', 'Huawei S6700 V200R003C02', 'Huawei S6700 V200R003C10', 'Huawei S6700 V200R006C00', 'Huawei S6700 V200R008C00', 'Huawei S7700 V100R003C00', 'Huawei S7700 V100R006C00', 'Huawei S7700 V200R001C01', 'Huawei S7700 V200R002C00', 'Huawei S7700 V200R006C00', 'Huawei S7700 V200R008C00', 'Huawei S9300 V100R001C00', 'Huawei S9300 V100R002C00', 'Huawei S9300 V100R003C00', 'Huawei S9300 V100R006C00', 'Huawei S9300 V200R002C00', 'Huawei S9300 V200R006C00', 'Huawei S9300 V200R008C00', 'Huawei S9300 V200R008C10']

Name

['Huawei Secospace USG6600 V500R001C00', 'Huawei CloudEngine 12800 V100R003C00', 'Huawei CloudEngine 12800 V100R005C00', 'Huawei CloudEngine 12800 V100R005C10', 'Huawei S12700 V200R005C00', 'Huawei S9700 V200R001C00', 'Huawei S9700 V200R002C00', 'Huawei S9700 V200R006C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R006C00', 'Huawei S12700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei CloudEngine 12800 V100R006C00', 'Huawei CloudEngine 5800 V100R005C00', 'Huawei CloudEngine 5800 V100R005C10', 'Huawei CloudEngine 5800 V100R006C00', 'Huawei CloudEngine 6800 V100R005C00', 'Huawei CloudEngine 6800 V100R005C10', 'Huawei CloudEngine 6800 V100R006C00', 'Huawei CloudEngine 7800 V100R005C00', 'Huawei CloudEngine 7800 V100R005C10', 'Huawei CloudEngine 7800 V100R006C00', 'Huawei CloudEngine 8800 V100R006C00', 'Huawei S9700 V200R008C00', 'Huawei CloudEngine 5800 V100R003C00', 'Huawei CloudEngine 6800 V100R003C00', 'Huawei CloudEngine 7800 V100R003C00', 'Huawei CloudEngine 12800 V200R001C00', 'Huawei CloudEngine 6800 V200R001C00', 'Huawei CloudEngine 7800 V200R001C00', 'Huawei CloudEngine 8800 V200R001C00', 'Huawei AC6005 V200R006C10SPC200', 'Huawei AR1200 V200R005C10CP0582T', 'Huawei AR200 V200R005C20SPC026T', 'Huawei AR3200 V200R005C20SPC026T', 'Huawei Secospace USG6600 V500R001C20', 'Huawei Secospace USG6600 V500R001C30', 'Huawei AC6605 V200R006C10SPC200', 'Huawei AR1200 V200R005C10HP0581T', 'Huawei AR1200 V200R005C20SPC026T', 'Huawei CloudEngine 5800 V200R001C00', 'Huawei E600 V200R008C00', 'Huawei S1700 V100R006C00', 'Huawei S1700 V100R007C00', 'Huawei S1700 V200R006C00', 'Huawei S2300 V100R005C00', 'Huawei S2300 V100R006C00', 'Huawei S2300 V100R006C05', 'Huawei S2300 V200R003C00', 'Huawei S2300 V200R003C02', 'Huawei S2300 V200R003C10', 'Huawei S2300 V200R005C00', 'Huawei S2300 V200R005C01', 'Huawei S2300 V200R005C02', 'Huawei S2300 V200R005C03', 'Huawei S2300 V200R007C00', 'Huawei S2300 V200R008C00', 'Huawei S2700 V100R005C00', 'Huawei S2700 V100R006C00', 'Huawei S2700 V100R006C03', 'Huawei S2700 V100R006C05', 'Huawei S2700 V200R003C00', 'Huawei S2700 V200R003C02', 'Huawei S2700 V200R003C10', 'Huawei S2700 V200R005C00', 'Huawei S2700 V200R005C01', 'Huawei S2700 V200R005C02', 'Huawei S2700 V200R005C03', 'Huawei S2700 V200R006C00', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5300 V100R005C00', 'Huawei S5300 V100R006C00', 'Huawei S5300 V100R006C01', 'Huawei S5300 V200R001C01', 'Huawei S5300 V200R002C00', 'Huawei S5300 V200R003C00', 'Huawei S5300 V200R003C02', 'Huawei S5300 V200R003C10', 'Huawei S5300 V200R005C00', 'Huawei S5300 V200R006C00', 'Huawei S5300 V200R007C00', 'Huawei S5300 V200R008C00', 'Huawei S5700 V100R005C00', 'Huawei S5700 V100R006C00', 'Huawei S5700 V100R006C01', 'Huawei S5700 V200R001C00', 'Huawei S5700 V200R001C01', 'Huawei S5700 V200R002C00', 'Huawei S5700 V200R003C00', 'Huawei S5700 V200R003C02', 'Huawei S5700 V200R003C10', 'Huawei S5700 V200R005C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S6300 V100R006C00', 'Huawei S6300 V200R001C01', 'Huawei S6300 V200R002C00', 'Huawei S6300 V200R003C00', 'Huawei S6300 V200R003C02', 'Huawei S6300 V200R003C10', 'Huawei S6300 V200R005C00', 'Huawei S6300 V200R008C00', 'Huawei S6700 V100R006C00', 'Huawei S6700 V200R001C01', 'Huawei S6700 V200R002C00', 'Huawei S6700 V200R003C00', 'Huawei S6700 V200R003C02', 'Huawei S6700 V200R003C10', 'Huawei S6700 V200R006C00', 'Huawei S6700 V200R008C00', 'Huawei S7700 V100R003C00', 'Huawei S7700 V100R006C00', 'Huawei S7700 V200R001C01', 'Huawei S7700 V200R002C00', 'Huawei S7700 V200R006C00', 'Huawei S7700 V200R008C00', 'Huawei S9300 V100R001C00', 'Huawei S9300 V100R002C00', 'Huawei S9300 V100R003C00', 'Huawei S9300 V100R006C00', 'Huawei S9300 V200R002C00', 'Huawei S9300 V200R006C00', 'Huawei S9300 V200R008C00', 'Huawei S9300 V200R008C10']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-8147"
    }
  },
  "description": "Huawei AC6005\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Huawei AC6005\u662f\u4e00\u6b3e\u63a5\u5165\u63a7\u5236\u8bbe\u5907\u3002CloudEngine 12800\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u4ea4\u6362\u673a\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e\u3002\u5f53\u8bbe\u5907\u63a5\u6536\u5230\u7279\u5b9aLSA\u62a5\u6587\uff0cLS (Link Status)\u8001\u5316\u65f6\u95f4\u4f1a\u88ab\u8bbe\u7f6e\u4e3aMaxAge\uff0c\u53733600\u79d2\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u6bd2\u5316\u8def\u7531\u8868\u5e76\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Adi Sosnovich\uff0c Orna Grumberg\u548cGabi Nakibly",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20170720-01-ospf-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-37678",
  "openTime": "2017-12-20",
  "patchDescription": "Huawei AC6005\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002Huawei AC6005\u662f\u4e00\u6b3e\u63a5\u5165\u63a7\u5236\u8bbe\u5907\u3002CloudEngine 12800\u662f\u4e00\u6b3e\u6570\u636e\u4e2d\u5fc3\u4ea4\u6362\u673a\u8bbe\u5907\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e\u3002\u5f53\u8bbe\u5907\u63a5\u6536\u5230\u7279\u5b9aLSA\u62a5\u6587\uff0cLS (Link Status)\u8001\u5316\u65f6\u95f4\u4f1a\u88ab\u8bbe\u7f6e\u4e3aMaxAge\uff0c\u53733600\u79d2\u3002\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u8fd9\u4e2a\u6f0f\u6d1e\u6bd2\u5316\u8def\u7531\u8868\u5e76\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei Secospace USG6600 V500R001C00",
      "Huawei CloudEngine 12800 V100R003C00",
      "Huawei CloudEngine 12800 V100R005C00",
      "Huawei CloudEngine 12800 V100R005C10",
      "Huawei S12700 V200R005C00",
      "Huawei S9700 V200R001C00",
      "Huawei S9700  V200R002C00",
      "Huawei S9700  V200R006C00",
      "Huawei S9700  V200R008C00",
      "Huawei S12700 V200R006C00",
      "Huawei S12700  V200R008C00",
      "Huawei S12700 V200R007C00",
      "Huawei S7700 V200R007C00",
      "Huawei S9700 V200R007C00",
      "Huawei CloudEngine 12800 V100R006C00",
      "Huawei CloudEngine 5800 V100R005C00",
      "Huawei CloudEngine 5800 V100R005C10",
      "Huawei CloudEngine 5800 V100R006C00",
      "Huawei CloudEngine 6800 V100R005C00",
      "Huawei CloudEngine 6800 V100R005C10",
      "Huawei CloudEngine 6800 V100R006C00",
      "Huawei CloudEngine 7800 V100R005C00",
      "Huawei CloudEngine 7800 V100R005C10",
      "Huawei CloudEngine 7800 V100R006C00",
      "Huawei CloudEngine 8800 V100R006C00",
      "Huawei S9700 V200R008C00",
      "Huawei CloudEngine 5800 V100R003C00",
      "Huawei CloudEngine 6800 V100R003C00",
      "Huawei CloudEngine 7800 V100R003C00",
      "Huawei CloudEngine 12800 V200R001C00",
      "Huawei CloudEngine 6800 V200R001C00",
      "Huawei CloudEngine 7800 V200R001C00",
      "Huawei CloudEngine 8800 V200R001C00",
      "Huawei AC6005 V200R006C10SPC200",
      "Huawei AR1200 V200R005C10CP0582T",
      "Huawei AR200 V200R005C20SPC026T",
      "Huawei AR3200 V200R005C20SPC026T",
      "Huawei Secospace USG6600 V500R001C20",
      "Huawei Secospace USG6600 V500R001C30",
      "Huawei AC6605 V200R006C10SPC200",
      "Huawei AR1200 V200R005C10HP0581T",
      "Huawei AR1200 V200R005C20SPC026T",
      "Huawei CloudEngine 5800 V200R001C00",
      "Huawei E600 V200R008C00",
      "Huawei S1700 V100R006C00",
      "Huawei S1700 V100R007C00",
      "Huawei S1700 V200R006C00",
      "Huawei S2300 V100R005C00",
      "Huawei S2300 V100R006C00",
      "Huawei S2300 V100R006C05",
      "Huawei S2300 V200R003C00",
      "Huawei S2300 V200R003C02",
      "Huawei S2300 V200R003C10",
      "Huawei S2300 V200R005C00",
      "Huawei S2300 V200R005C01",
      "Huawei S2300 V200R005C02",
      "Huawei S2300 V200R005C03",
      "Huawei S2300 V200R007C00",
      "Huawei S2300 V200R008C00",
      "Huawei S2700 V100R005C00",
      "Huawei S2700 V100R006C00",
      "Huawei S2700 V100R006C03",
      "Huawei S2700 V100R006C05",
      "Huawei S2700 V200R003C00",
      "Huawei S2700 V200R003C02",
      "Huawei S2700 V200R003C10",
      "Huawei S2700 V200R005C00",
      "Huawei S2700 V200R005C01",
      "Huawei S2700 V200R005C02",
      "Huawei S2700 V200R005C03",
      "Huawei S2700 V200R006C00",
      "Huawei S2700 V200R007C00",
      "Huawei S2700 V200R008C00",
      "Huawei S5300 V100R005C00",
      "Huawei S5300 V100R006C00",
      "Huawei S5300 V100R006C01",
      "Huawei S5300 V200R001C01",
      "Huawei S5300 V200R002C00",
      "Huawei S5300 V200R003C00",
      "Huawei S5300 V200R003C02",
      "Huawei S5300 V200R003C10",
      "Huawei S5300 V200R005C00",
      "Huawei S5300 V200R006C00",
      "Huawei S5300 V200R007C00",
      "Huawei S5300 V200R008C00",
      "Huawei S5700 V100R005C00",
      "Huawei S5700 V100R006C00",
      "Huawei S5700 V100R006C01",
      "Huawei S5700 V200R001C00",
      "Huawei S5700 V200R001C01",
      "Huawei S5700 V200R002C00",
      "Huawei S5700 V200R003C00",
      "Huawei S5700 V200R003C02",
      "Huawei S5700 V200R003C10",
      "Huawei S5700 V200R005C00",
      "Huawei S5700 V200R006C00",
      "Huawei S5700 V200R008C00",
      "Huawei S6300 V100R006C00",
      "Huawei S6300 V200R001C01",
      "Huawei S6300 V200R002C00",
      "Huawei S6300 V200R003C00",
      "Huawei S6300 V200R003C02",
      "Huawei S6300 V200R003C10",
      "Huawei S6300 V200R005C00",
      "Huawei S6300 V200R008C00",
      "Huawei S6700 V100R006C00",
      "Huawei S6700 V200R001C01",
      "Huawei S6700 V200R002C00",
      "Huawei S6700 V200R003C00",
      "Huawei S6700 V200R003C02",
      "Huawei S6700 V200R003C10",
      "Huawei S6700 V200R006C00",
      "Huawei S6700 V200R008C00",
      "Huawei S7700 V100R003C00",
      "Huawei S7700 V100R006C00",
      "Huawei S7700 V200R001C01",
      "Huawei S7700 V200R002C00",
      "Huawei S7700 V200R006C00",
      "Huawei S7700 V200R008C00",
      "Huawei S9300 V100R001C00",
      "Huawei S9300 V100R002C00",
      "Huawei S9300 V100R003C00",
      "Huawei S9300 V100R006C00",
      "Huawei S9300 V200R002C00",
      "Huawei S9300 V200R006C00",
      "Huawei S9300 V200R008C00",
      "Huawei S9300 V200R008C10"
    ]
  },
  "referenceLink": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en",
  "serverity": "\u4e2d",
  "submitTime": "2017-11-25",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1\u4ea7\u54c1OSPF\u534f\u8bae\u5b58\u5728MaxAge LSA\u6f0f\u6d1e"
}

CVE-2017-8147 (GCVE-0-2017-8147)

Vulnerability from cvelistv5

Published

2017-11-22 19:00

Modified

2024-09-16 17:03

Severity ?

CWE

MaxAge LSA

Summary

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack.

References

▼	URL	Tags
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,	Version: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005 ...[truncated*]

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:27:22.909Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005 ...[truncated*]"
            }
          ]
        }
      ],
      "datePublic": "2017-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "MaxAge LSA",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-22T18:57:01",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
        }
      ],
      "x_ConverterErrors": {
        "version_name": {
          "error": "version_name too long. Use array of versions to record more than one version.",
          "message": "Truncated!"
        }
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-11-15T00:00:00",
          "ID": "CVE-2017-8147",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "AC6005,AC6605,AR1200,AR200,AR3200,CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800,CloudEngine 8800,E600,S12700,S1700,S2300,S2700,S5300,S5700,S6300,S6700,S7700,S9300,S9700,Secospace USG6600,",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 8800 with software V100R006C00, V200R001C00,E600 V200R008C00,S12700 with software V200R005C00, V200R006C00, V200R007C00, V200R008C00,S1700 with software V100R006C00, V100R007C00, V200R006C00,S2300 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S2700 with software V100R005C00, V100R006C00, V100R006C03, V100R006C05, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R006C00, V200R007C00, V200R008C00,S5300 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S5700 with software V100R005C00, V100R006C00, V100R006C01, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S6300 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R008C00,S6700 with software V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R003C02, V200R003C10, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S7700 with software V100R003C00, V100R006C00, V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,S9300 with software V100R001C00, V100R002C00, V100R003C00, V100R006C00, V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R008C10,S9700 with software V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00,Secospace USG6600 V500R001C00SPC050 have a MaxAge LSA vulnerability due to improper OSPF implementation. When the device receives special LSA packets, the LS (Link Status) age would be set to MaxAge, 3600 seconds. An attacker can exploit this vulnerability to poison the route table and launch a DoS attack."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "MaxAge LSA"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170720-01-ospf-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-8147",
    "datePublished": "2017-11-22T19:00:00Z",
    "dateReserved": "2017-04-25T00:00:00",
    "dateUpdated": "2024-09-16T17:03:05.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted