Vulnerability CVE-2017-17301


Published: 2018-02-15

Description:
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.

Type:

CWE-295

(Certificate Issues)

Vendor: Huawei
Product: Smc2.0 firmware 
Version: v500r002c00;
Product: Vp9660 firmware 
Version:
v500r002c00
v200r001c30
v200r001c02
See more versions on NVD
Product: Te60 firmware 
Version: v500r002c00;
Product: Dp300 firmware 
Version: v500r002c00;
Product: Espace iad firmware 
Version: v300r002c01;
Product: Espace usm firmware 
Version: v300r001c00;
Product: Ar3200 firmware 
Version:
v200r008c30
v200r008c20
v200r008c10
v200r008c00
v200r007c02
v200r007c01
v200r007c00
v200r006c11
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar510 firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar1200-s firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar2200-s firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar150 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
See more versions on NVD
Product: Ar1200 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
v200r005c32
v200r005c20
See more versions on NVD
Product: Ar2200 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
v200r005c32
v200r005c20
See more versions on NVD
Product: Srg2300 firmware 
Version:
v200r008c20
v200r007c02
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Srg1300 firmware 
Version:
v200r008c20
v200r007c02
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar3600 firmware 
Version:
v200r008c20
v200r007c01
v200r007c00
v200r006c10
See more versions on NVD
Product: Ar120-s firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar200 firmware 
Version:
v200r008c20
v200r007c01
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar200-s firmware 
Version:
v200r008c20
v200r007c01
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar160 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Srg3300 firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Espace u1981 firmware 
Version: v200r003c30; v200r003c20;
Product: Cloudengine 5800 firmware 
Version: v200r001c00; v100r006c00;
Product: Cloudengine 7800 firmware 
Version:
v200r001c00
v100r006c00
v100r005c10
See more versions on NVD
Product: Cloudengine 12800 firmware 
Version: v200r001c00; v100r006c00;
Product: Cloudengine 6800 firmware 
Version: v200r001c00; v100r006c00;
Product: Viewpoint 8660 firmware 
Version: v100r008c03; v100r008c02;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en

Related CVE
CVE-2019-5289
Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out-of-bounds read vulnerability due to the insufficient checks of the specific packet length. Attackers can construct invalid packets to attack the active and standby communication c...
CVE-2019-5280
The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has a TLS certificate verification vulnerability. Due to insufficient verification of specific parameters of the TLS server certificate, attackers can perform man-in-the-middle attack...
CVE-2019-5223
PCManager 9.1.3.1 has an improper authentication vulnerability. The certain driver interface of the software does not perform a validation of user-mode data properly, successful exploit could result in malicious code execution.
CVE-2019-5236
Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1.0.135(C782), 8.1.0.154(C10), 8.1.0.154(C461), 8.1.0.154(C635), 8.1.0.156(C185), 8.1.0.156(C605), 8.1.0.159(C636) have a double free vulnerability. An attacker can trick a user to c...
CVE-2019-5222
There is an information disclosure vulnerability on Secure Input of certain Huawei smartphones in Versions earlier than Tony-AL00B 9.1.0.216(C00E214R2P1). The Secure Input does not properly limit certain system privilege. An attacker tricks the user ...
CVE-2019-5245
HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulnerability. This vulnerability exists due to some DLL file is loaded by HiSuite improperly. And it allows an attacker to load this DLL file of the attacker's choosing that could execu...
CVE-2019-5243
There is a Clickjacking vulnerability in Huawei HG255s product. An attacker may trick user to click a link and affect the integrity of a device by exploiting this vulnerability.
CVE-2019-5242
There is a code execution vulnerability in Huawei PCManager versions earlier than PCManager 9.0.1.50. The attacker can tricking a user to install and run a malicious application to exploit this vulnerability. Successful exploitation may cause the att...

Copyright 2019, cxsecurity.com

 

Back to Top