cnvd - cnvd-2017-38290

cnvd-2017-38290

Vulnerability from cnvd

Title: 多款Huawei产品PEM模块内存越界访问漏洞

Description:

Huawei DP300、IPS Module、NGFW Module等都是中国华为（Huawei）公司的产品。

多款Huawei产品PEM模块内存越界访问漏洞，经身份验证的本地攻击者通过构造恶意证书使相关进程发生异常利用该漏洞可发起拒绝服务攻击。

Severity: 中

Patch Name: 多款Huawei产品PEM模块内存越界访问漏洞的补丁

Patch Description:

Huawei DP300、IPS Module、NGFW Module等都是中国华为（Huawei）公司的产品。

多款Huawei产品PEM模块内存越界访问漏洞，经身份验证的本地攻击者通过构造恶意证书使相关进程发生异常利用该漏洞可发起拒绝服务攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn

Reference: http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn

Impacted products

Name
['Huawei IPS Module V500R001C00', 'Huawei NGFW Module V500R001C00', 'Huawei NIP6300 V500R001C00', 'Huawei NIP6600 V500R001C00', 'Huawei Secospace USG6300 V500R001C00', 'Huawei Secospace USG6500 V500R001C00', 'Huawei Secospace USG6600 V500R001C00', 'Huawei S7700 V200R008C00', 'Huawei S12700 V200R008C00', 'Huawei S6700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S5700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei S5700 V200R009C00', 'Huawei S6700 V200R009C00', 'Huawei S7700 V200R009C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R009C00', 'Huawei S12700 V200R007C01', 'Huawei DP300 V500R002C00', 'Huawei TE60 V100R001C01', 'Huawei TE60 V100R001C10', 'Huawei TE60 V500R002C00', 'Huawei TE60 V600R006C00', 'Huawei ViewPoint 9030 V100R011C03', 'Huawei ViewPoint 9030 V100R011C02', 'Huawei TP3206 V100R002C00', 'Huawei TP3106 V100R002C00', 'Huawei RP200 V500R002C00', 'Huawei RP200 V600R006C00', 'Huawei TE30 V100R001C02', 'Huawei TE30 V100R001C10', 'Huawei TE30 V500R002C00', 'Huawei TE30 V600R006C00', 'Huawei TE40 V500R002C00', 'Huawei TE40 V600R006C00', 'Huawei TE50 V500R002C00', 'Huawei TE50 V600R006C00', 'Huawei IPS Module V500R001C30', 'Huawei NIP6300 V500R001C30', 'Huawei NIP6600 V500R001C30', 'Huawei Secospace USG6300 V500R001C30', 'Huawei Secospace USG6500 V500R001C30', 'Huawei USG9500 V500R001C00', 'Huawei USG9500 V500R001C30', 'Huawei TP3206 V100R002C10', 'Huawei Secospace USG6600 V500R001C30', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S12700 V200R010C00', 'Huawei S1700 V200R006C10', 'Huawei S1700 V200R009C00', 'Huawei S1700 V200R010C00', 'Huawei S2700 V200R006C10', 'Huawei S2700 V200R009C00', 'Huawei S2700 V200R010C00', 'Huawei S5700 V200R010C00', 'Huawei S6700 V200R010C00', 'Huawei S7700 V200R010C00', 'Huawei S9700 V200R007C01', 'Huawei S9700 V200R010C00', 'Huawei S9700 V200R009C00', 'Huawei NGFW Module V500R001C30']

Name

['Huawei IPS Module V500R001C00', 'Huawei NGFW Module V500R001C00', 'Huawei NIP6300 V500R001C00', 'Huawei NIP6600 V500R001C00', 'Huawei Secospace USG6300 V500R001C00', 'Huawei Secospace USG6500 V500R001C00', 'Huawei Secospace USG6600 V500R001C00', 'Huawei S7700 V200R008C00', 'Huawei S12700 V200R008C00', 'Huawei S6700 V200R008C00', 'Huawei S12700 V200R007C00', 'Huawei S5700 V200R007C00', 'Huawei S7700 V200R007C00', 'Huawei S9700 V200R007C00', 'Huawei S5700 V200R009C00', 'Huawei S6700 V200R009C00', 'Huawei S7700 V200R009C00', 'Huawei S9700 V200R008C00', 'Huawei S12700 V200R009C00', 'Huawei S12700 V200R007C01', 'Huawei DP300 V500R002C00', 'Huawei TE60 V100R001C01', 'Huawei TE60 V100R001C10', 'Huawei TE60 V500R002C00', 'Huawei TE60 V600R006C00', 'Huawei ViewPoint 9030 V100R011C03', 'Huawei ViewPoint 9030 V100R011C02', 'Huawei TP3206 V100R002C00', 'Huawei TP3106 V100R002C00', 'Huawei RP200 V500R002C00', 'Huawei RP200 V600R006C00', 'Huawei TE30 V100R001C02', 'Huawei TE30 V100R001C10', 'Huawei TE30 V500R002C00', 'Huawei TE30 V600R006C00', 'Huawei TE40 V500R002C00', 'Huawei TE40 V600R006C00', 'Huawei TE50 V500R002C00', 'Huawei TE50 V600R006C00', 'Huawei IPS Module V500R001C30', 'Huawei NIP6300 V500R001C30', 'Huawei NIP6600 V500R001C30', 'Huawei Secospace USG6300 V500R001C30', 'Huawei Secospace USG6500 V500R001C30', 'Huawei USG9500 V500R001C00', 'Huawei USG9500 V500R001C30', 'Huawei TP3206 V100R002C10', 'Huawei Secospace USG6600 V500R001C30', 'Huawei S2700 V200R007C00', 'Huawei S2700 V200R008C00', 'Huawei S5700 V200R006C00', 'Huawei S5700 V200R008C00', 'Huawei S12700 V200R010C00', 'Huawei S1700 V200R006C10', 'Huawei S1700 V200R009C00', 'Huawei S1700 V200R010C00', 'Huawei S2700 V200R006C10', 'Huawei S2700 V200R009C00', 'Huawei S2700 V200R010C00', 'Huawei S5700 V200R010C00', 'Huawei S6700 V200R010C00', 'Huawei S7700 V200R010C00', 'Huawei S9700 V200R007C01', 'Huawei S9700 V200R010C00', 'Huawei S9700 V200R009C00', 'Huawei NGFW Module V500R001C30']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-17137"
    }
  },
  "description": "Huawei DP300\u3001IPS Module\u3001NGFW Module\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u901a\u8fc7\u6784\u9020\u6076\u610f\u8bc1\u4e66\u4f7f\u76f8\u5173\u8fdb\u7a0b\u53d1\u751f\u5f02\u5e38\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002",
  "discovererName": "Huawei",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttp://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-38290",
  "openTime": "2017-12-27",
  "patchDescription": "Huawei DP300\u3001IPS Module\u3001NGFW Module\u7b49\u90fd\u662f\u4e2d\u56fd\u534e\u4e3a\uff08Huawei\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002\r\n\r\n\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\uff0c\u7ecf\u8eab\u4efd\u9a8c\u8bc1\u7684\u672c\u5730\u653b\u51fb\u8005\u901a\u8fc7\u6784\u9020\u6076\u610f\u8bc1\u4e66\u4f7f\u76f8\u5173\u8fdb\u7a0b\u53d1\u751f\u5f02\u5e38\u5229\u7528\u8be5\u6f0f\u6d1e\u53ef\u53d1\u8d77\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Huawei IPS Module V500R001C00",
      "Huawei NGFW Module V500R001C00",
      "Huawei NIP6300 V500R001C00",
      "Huawei NIP6600 V500R001C00",
      "Huawei Secospace USG6300 V500R001C00",
      "Huawei Secospace USG6500 V500R001C00",
      "Huawei Secospace USG6600 V500R001C00",
      "Huawei S7700  V200R008C00",
      "Huawei S12700  V200R008C00",
      "Huawei S6700  V200R008C00",
      "Huawei S12700 V200R007C00",
      "Huawei S5700 V200R007C00",
      "Huawei S7700 V200R007C00",
      "Huawei S9700 V200R007C00",
      "Huawei S5700 V200R009C00",
      "Huawei S6700 V200R009C00",
      "Huawei S7700 V200R009C00",
      "Huawei S9700 V200R008C00",
      "Huawei S12700 V200R009C00",
      "Huawei S12700 V200R007C01",
      "Huawei DP300 V500R002C00",
      "Huawei TE60 V100R001C01",
      "Huawei TE60 V100R001C10",
      "Huawei TE60 V500R002C00",
      "Huawei TE60 V600R006C00",
      "Huawei ViewPoint 9030 V100R011C03",
      "Huawei ViewPoint 9030 V100R011C02",
      "Huawei TP3206 V100R002C00",
      "Huawei TP3106 V100R002C00",
      "Huawei RP200 V500R002C00",
      "Huawei RP200 V600R006C00",
      "Huawei TE30 V100R001C02",
      "Huawei TE30 V100R001C10",
      "Huawei TE30 V500R002C00",
      "Huawei TE30 V600R006C00",
      "Huawei TE40 V500R002C00",
      "Huawei TE40 V600R006C00",
      "Huawei TE50 V500R002C00",
      "Huawei TE50 V600R006C00",
      "Huawei IPS Module V500R001C30",
      "Huawei NIP6300 V500R001C30",
      "Huawei NIP6600 V500R001C30",
      "Huawei Secospace USG6300 V500R001C30",
      "Huawei Secospace USG6500 V500R001C30",
      "Huawei USG9500 V500R001C00",
      "Huawei USG9500 V500R001C30",
      "Huawei TP3206 V100R002C10",
      "Huawei Secospace USG6600 V500R001C30",
      "Huawei S2700 V200R007C00",
      "Huawei S2700 V200R008C00",
      "Huawei S5700 V200R006C00",
      "Huawei S5700 V200R008C00",
      "Huawei S12700 V200R010C00",
      "Huawei S1700 V200R006C10",
      "Huawei S1700 V200R009C00",
      "Huawei S1700 V200R010C00",
      "Huawei S2700 V200R006C10",
      "Huawei S2700 V200R009C00",
      "Huawei S2700 V200R010C00",
      "Huawei S5700 V200R010C00",
      "Huawei S6700 V200R010C00",
      "Huawei S7700 V200R010C00",
      "Huawei S9700 V200R007C01",
      "Huawei S9700 V200R010C00",
      "Huawei S9700 V200R009C00",
      "Huawei NGFW Module V500R001C30"
    ]
  },
  "referenceLink": "http://www.huawei.com/cn/psirt/security-advisories/2017/huawei-sa-20171206-01-pem-cn",
  "serverity": "\u4e2d",
  "submitTime": "2017-12-08",
  "title": "\u591a\u6b3eHuawei\u4ea7\u54c1PEM\u6a21\u5757\u5185\u5b58\u8d8a\u754c\u8bbf\u95ee\u6f0f\u6d1e"
}

CVE-2017-17137 (GCVE-0-2017-17137)

Vulnerability from cvelistv5

Published

2018-03-05 19:00

Modified

2024-09-17 00:42

Severity ?

CWE

Out-of-Bounds memory access

Summary

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.

References

▼	URL	Tags
	http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Huawei Technologies Co., Ltd.	DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030	Version: DP300 V500R002C00 Version: IPS Module V500R001C00 Version: V500R001C30 Version: NGFW Module V500R001C00 Version: V500R002C00 Version: NIP6300 V500R001C00 Version: NIP6600 V500R001C00 Version: RP200 V500R002C00 Version: V600R006C00 Version: S12700 V200R007C00 Version: V200R007C01 Version: V200R008C00 Version: V200R009C00 Version: V200R010C00 Version: S1700 V200R006C10 Version: S2700 V200R006C10 Version: V200R007C00 Version: S5700 V200R006C00 Version: S6700 V200R008C00 Version: S7700 V200R007C00 Version: S9700 V200R007C00 Version: Secospace USG6300 V500R001C00 Version: Secospace USG6500 V500R001C00 Version: Secospace USG6600 V500R001C00 Version: V500R001C30S Version: TE30 V100R001C02 Version: V100R001C10 Version: TE40 V500R002C00 Version: TE50 V500R002C00 Version: TE60 V100R001C01 Version: TP3106 V100R002C00 Version: TP3206 V100R002C00 Version: V100R002C10 Version: USG9500 V500R001C00 Version: ViewPoint 9030 V100R011C02 Version: V100R011C03

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T20:43:59.902Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030",
          "vendor": "Huawei Technologies Co., Ltd.",
          "versions": [
            {
              "status": "affected",
              "version": "DP300 V500R002C00"
            },
            {
              "status": "affected",
              "version": "IPS Module V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R001C30"
            },
            {
              "status": "affected",
              "version": "NGFW Module V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R002C00"
            },
            {
              "status": "affected",
              "version": "NIP6300 V500R001C00"
            },
            {
              "status": "affected",
              "version": "NIP6600 V500R001C00"
            },
            {
              "status": "affected",
              "version": "RP200 V500R002C00"
            },
            {
              "status": "affected",
              "version": "V600R006C00"
            },
            {
              "status": "affected",
              "version": "S12700 V200R007C00"
            },
            {
              "status": "affected",
              "version": "V200R007C01"
            },
            {
              "status": "affected",
              "version": "V200R008C00"
            },
            {
              "status": "affected",
              "version": "V200R009C00"
            },
            {
              "status": "affected",
              "version": "V200R010C00"
            },
            {
              "status": "affected",
              "version": "S1700 V200R006C10"
            },
            {
              "status": "affected",
              "version": "S2700 V200R006C10"
            },
            {
              "status": "affected",
              "version": "V200R007C00"
            },
            {
              "status": "affected",
              "version": "S5700 V200R006C00"
            },
            {
              "status": "affected",
              "version": "S6700 V200R008C00"
            },
            {
              "status": "affected",
              "version": "S7700 V200R007C00"
            },
            {
              "status": "affected",
              "version": "S9700 V200R007C00"
            },
            {
              "status": "affected",
              "version": "Secospace USG6300 V500R001C00"
            },
            {
              "status": "affected",
              "version": "Secospace USG6500 V500R001C00"
            },
            {
              "status": "affected",
              "version": "Secospace USG6600 V500R001C00"
            },
            {
              "status": "affected",
              "version": "V500R001C30S"
            },
            {
              "status": "affected",
              "version": "TE30 V100R001C02"
            },
            {
              "status": "affected",
              "version": "V100R001C10"
            },
            {
              "status": "affected",
              "version": "TE40 V500R002C00"
            },
            {
              "status": "affected",
              "version": "TE50 V500R002C00"
            },
            {
              "status": "affected",
              "version": "TE60 V100R001C01"
            },
            {
              "status": "affected",
              "version": "TP3106 V100R002C00"
            },
            {
              "status": "affected",
              "version": "TP3206 V100R002C00"
            },
            {
              "status": "affected",
              "version": "V100R002C10"
            },
            {
              "status": "affected",
              "version": "USG9500 V500R001C00"
            },
            {
              "status": "affected",
              "version": "ViewPoint 9030 V100R011C02"
            },
            {
              "status": "affected",
              "version": "V100R011C03"
            }
          ]
        }
      ],
      "datePublic": "2017-12-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-of-Bounds memory access",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-05T18:57:02",
        "orgId": "25ac1063-e409-4190-8079-24548c77ea2e",
        "shortName": "huawei"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@huawei.com",
          "DATE_PUBLIC": "2017-12-06T00:00:00",
          "ID": "CVE-2017-17137",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "DP300; IPS Module; NGFW Module; NIP6300; NIP6600; RP200; S12700; S1700; S2700; S5700; S6700; S7700; S9700; Secospace USG6300; Secospace USG6500; Secospace USG6600; TE30; TE40; TE50; TE60; TP3106; TP3206; USG9500; ViewPoint 9030",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "DP300 V500R002C00"
                          },
                          {
                            "version_value": "IPS Module V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "NGFW Module V500R001C00"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "NIP6300 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "NIP6600 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "RP200 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "S12700 V200R007C00"
                          },
                          {
                            "version_value": "V200R007C01"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S1700 V200R006C10"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S2700 V200R006C10"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S5700 V200R006C00"
                          },
                          {
                            "version_value": "V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S6700 V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S7700 V200R007C00"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "S9700 V200R007C00"
                          },
                          {
                            "version_value": "V200R007C01"
                          },
                          {
                            "version_value": "V200R008C00"
                          },
                          {
                            "version_value": "V200R009C00"
                          },
                          {
                            "version_value": "V200R010C00"
                          },
                          {
                            "version_value": "Secospace USG6300 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "Secospace USG6500 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "Secospace USG6600 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30S"
                          },
                          {
                            "version_value": "TE30 V100R001C02"
                          },
                          {
                            "version_value": "V100R001C10"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE40 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE50 V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TE60 V100R001C01"
                          },
                          {
                            "version_value": "V100R001C10"
                          },
                          {
                            "version_value": "V500R002C00"
                          },
                          {
                            "version_value": "V600R006C00"
                          },
                          {
                            "version_value": "TP3106 V100R002C00"
                          },
                          {
                            "version_value": "TP3206 V100R002C00"
                          },
                          {
                            "version_value": "V100R002C10"
                          },
                          {
                            "version_value": "USG9500 V500R001C00"
                          },
                          {
                            "version_value": "V500R001C30"
                          },
                          {
                            "version_value": "ViewPoint 9030 V100R011C02"
                          },
                          {
                            "version_value": "V100R011C03"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Huawei Technologies Co., Ltd."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has an Out-of-Bounds memory access vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Out-of-Bounds memory access"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en",
              "refsource": "CONFIRM",
              "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-pem-en"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "25ac1063-e409-4190-8079-24548c77ea2e",
    "assignerShortName": "huawei",
    "cveId": "CVE-2017-17137",
    "datePublished": "2018-03-05T19:00:00Z",
    "dateReserved": "2017-12-04T00:00:00",
    "dateUpdated": "2024-09-17T00:42:09.045Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted