Vulnerability CVE-2017-17301


Published: 2018-02-15

Description:
Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR2200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R005C32, V200R006C10, V200R007C00, V200R008C20, CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 5800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 6800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, CloudEngine 7800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00, V200R001C00, DP300 V500R002C00, SMC2.0 V100R003C10, V100R005C00, V500R002C00, SRG1300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG2300 V200R005C32, V200R006C10, V200R007C00, V200R007C02, V200R008C20, SRG3300 V200R005C32, V200R006C10, V200R007C00, V200R008C20, TE30 V100R001C10, TE60 V100R003C00, V500R002C00, VP9660 V200R001C02, V200R001C30, V500R002C00, ViewPoint 8660 V100R008C02, V100R008C03, eSpace IAD V300R002C01, eSpace U1981 V200R003C20, V200R003C30, eSpace USM V100R001C01, V300R001C00 have a weak cryptography vulnerability. Due to not properly some values in the certificates, an unauthenticated remote attacker could forges a specific RSA certificate and exploits the vulnerability to pass identity authentication and logs into the target device to obtain permissions configured for the specific user name.

Type:

CWE-310

(Cryptographic Issues)

Vendor: Huawei
Product: Smc2.0 firmware 
Version: v500r002c00;
Product: Vp9660 firmware 
Version:
v500r002c00
v200r001c30
v200r001c02
See more versions on NVD
Product: Te60 firmware 
Version: v500r002c00;
Product: Dp300 firmware 
Version: v500r002c00;
Product: Espace iad firmware 
Version: v300r002c01;
Product: Espace usm firmware 
Version: v300r001c00;
Product: Ar3200 firmware 
Version:
v200r008c30
v200r008c20
v200r008c10
v200r008c00
v200r007c02
v200r007c01
v200r007c00
v200r006c11
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar510 firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar1200-s firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar2200-s firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar150 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
See more versions on NVD
Product: Ar1200 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
v200r005c32
v200r005c20
See more versions on NVD
Product: Ar2200 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
v200r005c32
v200r005c20
See more versions on NVD
Product: Srg2300 firmware 
Version:
v200r008c20
v200r007c02
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Srg1300 firmware 
Version:
v200r008c20
v200r007c02
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar3600 firmware 
Version:
v200r008c20
v200r007c01
v200r007c00
v200r006c10
See more versions on NVD
Product: Ar120-s firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar200 firmware 
Version:
v200r008c20
v200r007c01
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar200-s firmware 
Version:
v200r008c20
v200r007c01
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Ar160 firmware 
Version:
v200r008c20
v200r007c02
v200r007c01
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Srg3300 firmware 
Version:
v200r008c20
v200r007c00
v200r006c10
v200r005c32
See more versions on NVD
Product: Espace u1981 firmware 
Version: v200r003c30; v200r003c20;
Product: Cloudengine 5800 firmware 
Version: v200r001c00; v100r006c00;
Product: Cloudengine 7800 firmware 
Version:
v200r001c00
v100r006c00
v100r005c10
See more versions on NVD
Product: Cloudengine 12800 firmware 
Version: v200r001c00; v100r006c00;
Product: Cloudengine 6800 firmware 
Version: v200r001c00; v100r006c00;
Product: Viewpoint 8660 firmware 
Version: v100r008c03; v100r008c02;

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171222-01-cryptography-en

Related CVE
CVE-2018-7926
Huawei Watch 2 with versions and earlier than OWDD.180707.001.E1 have an improper authorization vulnerability. Due to improper permission configuration for specific operations, an attacker who obtained the Huawei ID bound to the watch can bypass perm...
CVE-2018-7925
The radio module of some Huawei smartphones Emily-AL00A The versions before 8.1.0.171(C00) have a lock-screen bypass vulnerability. An unauthenticated attacker could start third-part input method APP through certain operations to bypass lock-screen b...
CVE-2018-7910
Some Huawei smartphones ALP-AL00B 8.0.0.118D(C00), ALP-TL00B 8.0.0.118D(C01), BLA-AL00B 8.0.0.118D(C00), BLA-L09C 8.0.0.127(C432), 8.0.0.128(C432), 8.0.0.137(C432), BLA-L29C 8.0.0.129(C432), 8.0.0.137(C432) have an authentication bypass vulnerability...
CVE-2018-7911
Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP...
CVE-2018-7989
Huawei Mate 10 pro smartphones with the versions before BLA-AL00B 8.1.0.326(C00) have an improper authentication vulnerability. App Lock is a function to prevent unauthorized use of apps on smartphones, an attacker could directly change the lock pass...
CVE-2018-7924
Anne-AL00 Huawei phones with versions earlier than 8.0.0.151(C00) have an information leak vulnerability. Due to improper permission settings for specific commands, attackers who can connect to a mobile phone via the USB interface may exploit this vu...
CVE-2018-7907
Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-...
CVE-2018-7921
Huawei B315s-22 products with software of 21.318.01.00.26 have an information leak vulnerability. Unauthenticated adjacent attackers may exploit this vulnerability to obtain device information.

Copyright 2018, cxsecurity.com

 

Back to Top