CVE-2017-17153 Information
Description
IKEv2 in Huawei IPS Module V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC500 V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 V500R001C20SPC300PWE NGFW Module V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC500 V500R001C00SPC500PWE V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 V500R001C20SPC300PWE NIP6300 V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC500 V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 V500R001C20SPC300PWE NIP6600 V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC500 V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 Secospace USG6300 V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC500 V500R001C00SPC500PWE V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC101 V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 V500R001C20SPC300PWE Secospace USG6500 V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC500 V500R001C00SPC500PWE V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC101 V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 V500R001C20SPC300PWE Secospace USG6600 V500R001C00 V500R001C00SPC100 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC301 V500R001C00SPC500 V500R001C00SPC500PWE V500R001C00SPH303 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC101 V500R001C20SPC200 V500R001C20SPC200PWE V500R001C20SPC300 V500R001C20SPC300B078 V500R001C20SPC300PWE USG9500 V500R001C00 V500R001C00SPC200 V500R001C00SPC300 V500R001C00SPC303 V500R001C00SPC500 V500R001C00SPC500PWE V500R001C00SPH303 V500R001C00SPH508 V500R001C20 V500R001C20SPC100 V500R001C20SPC100PWE V500R001C20SPC101 V500R001C20SPC200 V500R001C20SPC200B062 V500R001C20SPC200PWE V500R001C20SPC300B078 V500R001C20SPC300PWE has a memory leak vulnerability due to memory release failure resulted from insufficient input validation. An attacker could exploit it to cause memory leak which may further lead to system exceptions.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Reference
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
NONE
Availability Impact
NONE
Base Score
HIGH
Base Severity
7.5
Share on: