CVE-2017-15326
Summary
| CVE | CVE-2017-15326 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-03-23 16:29:00 UTC |
| Updated | 2018-04-19 14:04:00 UTC |
| Description | DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage. |
Risk And Classification
Problem Types: CWE-327
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Dbs3900 Tdd Lte | - | All | All | All |
| Hardware | Huawei | Dbs3900 Tdd Lte | - | All | All | All |
| Operating System | Huawei | Dbs3900 Tdd Lte Firmware | v100r003c00 | All | All | All |
| Operating System | Huawei | Dbs3900 Tdd Lte Firmware | v100r004c10 | All | All | All |
| Operating System | Huawei | Dbs3900 Tdd Lte Firmware | v100r003c00 | All | All | All |
| Operating System | Huawei | Dbs3900 Tdd Lte Firmware | v100r004c10 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Weak Algorithm Vulnerability on Huawei Products | CONFIRM | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.