CVE-2017-17153

CWE-20 — Improper Input Validation CWE-7723 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 60.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei IPS Module Firmware Huawei Ngfw Module Firmware Huawei Nip6300 Firmware +5 more

Timeline

PublishedFeb 15

Latest updateMay 13

Description

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R0…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

▶NVDhuawei/secospace_usg6300_firmware16 versions+15

▶NVDhuawei/secospace_usg6500_firmware16 versions+15

▶NVDhuawei/secospace_usg6600_firmware17 versions+16

▶NVDhuawei/ngfw_module_firmware15 versions+14

▶NVDhuawei/ips_module_firmware14 versions+13

🔴Vulnerability Details

GHSA

GHSA-w63h-7hq2-f36c: IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V5↗2022-05-13

▶

CVEList

CVE-2017-17153: IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V5↗2018-02-15

▶

External resources

NVD MITRE

Affected products8

Huawei IPS Module Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+11 more

Huawei Ngfw Module Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+12 more

Huawei Nip6300 Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+11 more

Huawei Nip6600 Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+10 more

Huawei Secospace Usg6300 Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+13 more

Huawei Secospace Usg6500 Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+13 more

Huawei Secospace Usg6600 Firmwarevv500r001c00vv500r001c00spc100vv500r001c00spc200+14 more

Huawei Usg9500 Firmwarevv500r001c00vv500r001c00spc200vv500r001c00spc300+14 more

Disclosure

PublishedFeb 15, 2018

Latest updateMay 13, 2022