CVE-2017-17157

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGH
EPSS
0.2%
top 60.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Huawei IPS Module FirmwareHuawei Ngfw Module FirmwareHuawei Nip6300 Firmware+5 more
Timeline
PublishedFeb 15
Latest updateMay 14

Description

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R0

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

NVDhuawei/ngfw_module_firmware15 versions+14
NVDhuawei/ips_module_firmware14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-r8jc-74qc-rv5x: IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V52022-05-14
CVEList
CVE-2017-17157: IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V52018-02-15
CVE-2017-17157 (HIGH CVSS 7.5) | IKEv2 in Huawei IPS Module V500R001 | cvebase.io