cnvd-2017-38287
Vulnerability from cnvd

Title: Memory out-of-bounds access vulnerability in the IKEv2 protocol of multiple Huawei products (CNVD-2017-38287)

Description:

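Huawei IPS Module, NGFW Module, the NIP6300/6600 series, and the Secospace USG series are next-generation professional intrusion prevention and firewall products that Huawei offers to enterprises, IDCs, campus networks, and carriers.

The IKEv2 protocol in multiple Huawei products has a memory out-of-bounds access vulnerability, caused by insufficient validation of packet content when IKEv2 processes packets. An attacker can craft special packets to trigger an out-of-bounds memory access, causing a system exception.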

Severity:

Patch Name: Patch for the memory out-of-bounds access vulnerability in the IKEv2 protocol of multiple Huawei products (CNVD-2017-38287)

Patch Description:

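Huawei IPS Module, NGFW Module, the NIP6300/6600 series, and the Secospace USG series are next-generation professional intrusion prevention and firewall products that Huawei offers to enterprises, IDCs, campus networks, and carriers.

The IKEv2 protocol in multiple Huawei products has a memory out-of-bounds access vulnerability, caused by insufficient validation of packet content when IKEv2 processes packets. An attacker can craft special packets to trigger an out-of-bounds memory access, causing a system exception. The vendor has now published a security advisory and related patch information that fixes this vulnerability.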

Formal description:

The vendor has released an upgrade patch that fixes the vulnerability. Patch download link: http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-ikev2-cn

Reference: http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-ikev2-cn



{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-17157"
    }
  },
  "description": "Huawei IPS Module\u3001NGFW Module\u3001NIP6300/6600\u7cfb\u5217\u4ea7\u54c1\u53caSecospace USG\u7cfb\u5217\u90fd\u662f\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u9762\u5411\u4f01\u4e1a\u3001IDC\u3001\u6821\u56ed\u7f51\u548c\u8fd0\u8425\u5546\u7b49\u5ba2\u6237\u63a8\u51fa\u7684\u65b0\u4e00\u4ee3\u4e13\u4e1a\u5165\u4fb5\u9632\u5fa1\u548c\u9632\u706b\u5899\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1IKEv2\u534f\u8bae\u5b58\u5728\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8eIKEv2\u5904\u7406\u62a5\u6587\u65f6\u672a\u80fd\u5bf9\u5185\u5bb9\u8fdb\u884c\u5145\u5206\u6821\u9a8c\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u9020\u7279\u6b8a\u62a5\u6587\uff0c\u89e6\u53d1\u5185\u5b58\u8bbf\u95ee\u8d8a\u754c\uff0c\u9020\u6210\u7cfb\u7edf\u5f02\u5e38\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-ikev2-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-38287",
  "openTime": "2017-12-27",
  "patchDescription": "Huawei IPS Module\u3001NGFW Module\u3001NIP6300/6600\u7cfb\u5217\u4ea7\u54c1\u53caSecospace USG\u7cfb\u5217\u90fd\u662f\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u9762\u5411\u4f01\u4e1a\u3001IDC\u3001\u6821\u56ed\u7f51\u548c\u8fd0\u8425\u5546\u7b49\u5ba2\u6237\u63a8\u51fa\u7684\u65b0\u4e00\u4ee3\u4e13\u4e1a\u5165\u4fb5\u9632\u5fa1\u548c\u9632\u706b\u5899\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1IKEv2\u534f\u8bae\u5b58\u5728\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u662f\u7531\u4e8eIKEv2\u5904\u7406\u62a5\u6587\u65f6\u672a\u80fd\u5bf9\u5185\u5bb9\u8fdb\u884c\u5145\u5206\u6821\u9a8c\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u6784\u9020\u7279\u6b8a\u62a5\u6587\uff0c\u89e6\u53d1\u5185\u5b58\u8bbf\u95ee\u8d8a\u754c\uff0c\u9020\u6210\u7cfb\u7edf\u5f02\u5e38\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1IKEv2\u534f\u8bae\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff08CNVD-2017-38287\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei IPS Module V500R001C00",
      "Huawei IPS Module V100R001C20",
      "Huawei IPS Module V500R001C00SPC200",
      "Huawei IPS Module V500R001C00SPC300",
      "Huawei IPS Module V500R001C00SPC500",
      "Huawei IPS Module V500R001C00SPH303",
      "Huawei IPS Module V500R001C00SPH508",
      "Huawei IPS Module V500R001C20SPC100",
      "Huawei IPS Module V500R001C20SPC100PWE",
      "Huawei IPS Module V500R001C20SPC200",
      "Huawei IPS Module V500R001C20SPC200B062",
      "Huawei IPS Module V500R001C20SPC200PWE",
      "Huawei IPS Module V500R001C20SPC300B078",
      "Huawei IPS Module V500R001C20SPC300PWE",
      "Huawei NGFW Module V500R001C00",
      "Huawei NGFW Module V500R001C20",
      "Huawei NGFW Module V500R001C00SPC200",
      "Huawei NGFW Module V500R001C00SPC300",
      "Huawei NGFW Module V500R001C00SPC500",
      "Huawei NGFW Module V500R001C00SPC500PWE",
      "Huawei NGFW Module V500R001C00SPH303",
      "Huawei NGFW Module V500R001C00SPH508",
      "Huawei NGFW Module V500R001C20SPC100",
      "Huawei NGFW Module V500R001C20SPC100PWE",
      "Huawei NGFW Module V500R001C20SPC200",
      "Huawei NGFW Module V500R001C20SPC200B062",
      "Huawei NGFW Module V500R001C20SPC200PWE",
      "Huawei NGFW Module V500R001C20SPC300B078",
      "Huawei NGFW Module V500R001C20SPC300PWE",
      "Huawei NIP6300 V500R001C00",
      "Huawei NIP6300 V500R001C20SPC200",
      "Huawei NIP6300 V500R001C20SPC100",
      "Huawei NIP6300 V500R001C20SPC100PWE",
      "Huawei NIP6300 V500R001C20SPC200B062",
      "Huawei NIP6300 V500R001C20SPC200PWE",
      "Huawei NIP6300 V500R001C20SPC300B078\uff0cV500R001C20SPC300PWE",
      "Huawei NIP6300 V500R001C20SPC300B078",
      "Huawei NIP6300 V500R001C00SPC200",
      "Huawei NIP6300 V500R001C00SPC300",
      "Huawei NIP6300 V500R001C00SPC500",
      "Huawei NIP6300 V500R001C00SPH303",
      "Huawei NIP6300 V500R001C00SPH508",
      "Huawei NIP6600 V500R001C00",
      "Huawei NIP6600 V500R001C20SPC200",
      "Huawei NIP6600 V500R001C20",
      "Huawei NIP6600 V500R001C00SPC200",
      "Huawei NIP6600 V500R001C00SPC300",
      "Huawei NIP6600 V500R001C00SPC500",
      "Huawei NIP6600 V500R001C00SPH303",
      "Huawei NIP6600 V500R001C00SPH508",
      "Huawei NIP6600 V500R001C20SPC100",
      "Huawei NIP6600 V500R001C20SPC100PWE",
      "Huawei NIP6600 V500R001C20SPC200B062",
      "Huawei NIP6600 V500R001C20SPC200PWE",
      "Huawei NIP6600 V500R001C20SPC300B078",
      "Huawei Secospace USG6300 V500R001C20SPC100",
      "Huawei Secospace USG6300 V500R001C20SPC100PWE",
      "Huawei Secospace USG6300 V500R001C20SPC200",
      "Huawei Secospace USG6300 V500R001C20SPC200B062",
      "Huawei Secospace USG6300 V500R001C20SPC200PWE",
      "Huawei Secospace USG6300 V500R001C20SPC300B078",
      "Huawei Secospace USG6300 V500R001C20SPC300PWE",
      "Huawei Secospace USG6300 V500R001C20SPC101",
      "Huawei Secospace USG6300 V500R001C00",
      "Huawei Secospace USG6300 V500R001C20SPC100",
      "Huawei Secospace USG6300 V500R001C20SPC101",
      "Huawei Secospace USG6300 V500R001C20SPC200",
      "Huawei Secospace USG6300 V500R001C20SPC200PWE",
      "Huawei Secospace USG6300 V500R001C50",
      "Huawei Secospace USG6300 V500R001C00SPC500PWE",
      "Huawei Secospace USG6300 V500R001C00SPC200",
      "Huawei Secospace USG6300 V500R001C00SPC300",
      "Huawei Secospace USG6300 V500R001C00SPC500",
      "Huawei Secospace USG6300 V500R001C00SPH303",
      "Huawei Secospace USG6300 V500R001C00SPH508",
      "Huawei Secospace USG6500 V500R001C00",
      "Huawei Secospace USG6500 V500R001C20SPC100",
      "Huawei Secospace USG6500 V500R001C20SPC101",
      "Huawei Secospace USG6500 V500R001C20SPC200",
      "Huawei Secospace USG6500 V100R001C20",
      "Huawei Secospace USG6500 V500R001C00SPC200",
      "Huawei Secospace USG6500 V500R001C00SPC300",
      "Huawei Secospace USG6500 V500R001C00SPC500",
      "Huawei Secospace USG6500 V500R001C00SPC500PWE",
      "Huawei Secospace USG6500 V500R001C00SPH303",
      "Huawei Secospace USG6500 V500R001C00SPH508",
      "Huawei Secospace USG6500 V500R001C20SPC100PWE",
      "Huawei Secospace USG6500 V500R001C20SPC200B062",
      "Huawei Secospace USG6500 V500R001C20SPC200PWE",
      "Huawei Secospace USG6500 V500R001C20SPC300B078",
      "Huawei Secospace USG6500 V500R001C20SPC300PWE",
      "Huawei Secospace USG6600 V500R001C00",
      "Huawei Secospace USG6600 V500R001C20SPC100",
      "Huawei Secospace USG6600 V500R001C20SPC101",
      "Huawei Secospace USG6600 V500R001C20SPC200",
      "Huawei Secospace USG6600 V500R001C20SPC200PWE",
      "Huawei Secospace USG6600 V500R001C20",
      "Huawei Secospace USG6600 V500R001C20SPC300",
      "Huawei Secospace USG6600 V500R001C00SPC301",
      "Huawei Secospace USG6600 V500R001C20SPC500",
      "Huawei Secospace USG6600 V500R001C00SPC500PWE",
      "Huawei Secospace USG6600 V500R001C00SPH303",
      "Huawei Secospace USG6600 V500R001C00SPC100",
      "Huawei Secospace USG6600 V500R001C00SPC200",
      "Huawei Secospace USG6600 V500R001C20SPC100PWE",
      "Huawei Secospace USG6600 V500R001C20SPC300B078",
      "Huawei Secospace USG6600 V500R001C20SPC300PWE",
      "Huawei USG9500 V500R001C20SPC100PWE",
      "Huawei USG9500 V500R001C20SPC200",
      "Huawei USG9500 V500R001C20SPC200B062",
      "Huawei USG9500 V500R001C20SPC200PWE",
      "Huawei USG9500 V500R001C20SPC300B078",
      "Huawei USG9500 V500R001C20SPC300PWE",
      "Huawei USG9500 V500R001C20SPC101",
      "Huawei USG9500 V500R001C00",
      "Huawei USG9500 V500R001C20",
      "Huawei USG9500 V500R001C00SPC200",
      "Huawei USG9500 V500R001C00SPC300",
      "Huawei USG9500 V500R001C00SPC500",
      "Huawei USG9500 V500R001C00SPH303",
      "Huawei USG9500 V500R001C00SPH508",
      "Huawei USG9500 V500R001C00SPC303",
      "Huawei USG9500 V500R001C00SPC500PWE",
      "Huawei USG9500 V500R001C20SPC100"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-ikev2-cn",
  "serverity": "\u4f4e",
  "submitTime": "2017-12-07",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1IKEv2\u534f\u8bae\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff08CNVD-2017-38287\uff09"
}

