CVE-2017-17311
Summary
| CVE | CVE-2017-17311 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-08-21 13:29:00 UTC |
| Updated | 2018-10-12 17:01:00 UTC |
| Description | Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a DoS vulnerability in the IPSEC IKEv1 implementations of Huawei Firewall products. Due to improper handling of the malformed messages, an attacker may sent crafted packets to the affected device to exploit these vulnerabilities. Successful exploit the vulnerability could lead to device deny of service. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Huawei | Usg2205bsr | - | All | All | All |
| Hardware | Huawei | Usg2205bsr | - | All | All | All |
| Operating System | Huawei | Usg2205bsr Firmware | v300r001c10spc600 | All | All | All |
| Operating System | Huawei | Usg2205bsr Firmware | v300r001c10spc600 | All | All | All |
| Hardware | Huawei | Usg2220bsr | - | All | All | All |
| Hardware | Huawei | Usg2220bsr | - | All | All | All |
| Operating System | Huawei | Usg2220bsr Firmware | v300r001c00 | All | All | All |
| Operating System | Huawei | Usg2220bsr Firmware | v300r001c00 | All | All | All |
| Hardware | Huawei | Usg5120bsr | - | All | All | All |
| Hardware | Huawei | Usg5120bsr | - | All | All | All |
| Operating System | Huawei | Usg5120bsr Firmware | v300r001c00 | All | All | All |
| Operating System | Huawei | Usg5120bsr Firmware | v300r001c00 | All | All | All |
| Hardware | Huawei | Usg5150bsr | - | All | All | All |
| Hardware | Huawei | Usg5150bsr | - | All | All | All |
| Operating System | Huawei | Usg5150bsr Firmware | v300r001c00 | All | All | All |
| Operating System | Huawei | Usg5150bsr Firmware | v300r001c00 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Advisory - Multiple Vulnerabilities in IPsec IKE of Huawei Firewall Products | CONFIRM | www.huawei.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.