Vulnerability CVE-2017-17253


Published: 2018-04-24

Description:
Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has an out-of-bounds read vulnerability in H323 protocol. An unauthenticated, remote attacker could craft malformed packets with specific parameters and send the packets to the affected products. Due to insufficient validation of packets, which could be exploited to cause process crash.

Type:

CWE-125

(Out-of-bounds Read)

Vendor: Huawei
Product: Te50 firmware 
Version: v600r006c00; v500r002c00;
Product: Te60 firmware 
Version: v600r006c00; v500r002c00;
Product: Te30 firmware 
Version: v600r006c00; v500r002c00;
Product: Te40 firmware 
Version: v600r006c00; v500r002c00;
Product: Ngfw module firmware 
Version:
v500r002c10
v500r002c00
v500r001c20
v500r001c00
See more versions on NVD
Product: Vp9660 firmware 
Version: v500r002c10; v500r002c00;
Product: Dp300 firmware 
Version: v500r002c00;
Product: Rse6500 firmware 
Version: v500r002c00;
Product: Secospace usg6600 firmware 
Version:
v500r001c60
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Nip6800 firmware 
Version: v500r001c50;
Product: Nip6300 firmware 
Version:
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Ips module firmware 
Version:
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Usg9500 firmware 
Version:
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Nip6600 firmware 
Version:
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Secospace usg6300 firmware 
Version:
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Secospace usg6500 firmware 
Version:
v500r001c50
v500r001c30
v500r001c20
v500r001c00
See more versions on NVD
Product: Usg6000v firmware 
Version: v500r001c20;
Product: Usg9520 firmware 
Version: v300r001c20; v300r001c01;
Product: Usg9560 firmware 
Version: v300r001c20; v300r001c01;
Product: Usg9580 firmware 
Version: v300r001c20; v300r001c01;
Product: Semg9811 firmware 
Version: v300r001c01;
Product: Ar2200-s firmware 
Version: v200r008c30; v200r008c20;
Product: Ar1200-s firmware 
Version: v200r008c30; v200r008c20;
Product: Ar3200 firmware 
Version:
v200r008c30
v200r008c20
v200r008c10
v200r008c00
v200r007c02
v200r007c01
See more versions on NVD
Product: Ar150 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
See more versions on NVD
Product: Ar1200 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
See more versions on NVD
Product: Ar160 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
See more versions on NVD
Product: Netengine16ex firmware 
Version: v200r008c30; v200r008c20;
Product: Ar150-s firmware 
Version: v200r008c30; v200r008c20;
Product: Srg3300 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
See more versions on NVD
Product: Srg2300 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
See more versions on NVD
Product: Ar200 firmware 
Version: v200r008c30; v200r008c20;
Product: Srg1300 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
See more versions on NVD
Product: Ar120-s firmware 
Version: v200r008c30; v200r008c20;
Product: Ar200-s firmware 
Version: v200r008c30; v200r008c20;
Product: Ar2200 firmware 
Version:
v200r008c30
v200r008c20
v200r007c02
v200r007c01
See more versions on NVD
Product: Ar510 firmware 
Version: v200r008c30; v200r008c20;
Product: Ar3600 firmware 
Version: v200r008c20; v200r007c01;

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171227-01-h323-en

Related CVE
CVE-2018-7900
There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.
CVE-2018-7956
Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information.
CVE-2018-7977
There is an information leakage vulnerability on several Huawei products. Due to insufficient communication protection for specific services, a remote, unauthorized attacker can exploit this vulnerability to connect to specific services to obtain add...
CVE-2018-7961
There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful ex...
CVE-2018-7960
There is a SRTP icon display vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept the packets in non-secure transmission mode. Successful exploitation may intercept and tamper with...
CVE-2018-7959
There is a short key vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to intercept and decrypt the call information when the user enables SRTP to make a call. Successful exploitation may ca...
CVE-2018-7958
There is an anonymous TLS cipher suites supported vulnerability in Huawei eSpace product. An unauthenticated, remote attacker launches man-in-the-middle attack to hijack the connection from a client when the user signs up to log in by TLS. Due to ins...
CVE-2018-7926
Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass perm...

Copyright 2019, cxsecurity.com

 

Back to Top