CVE-2017-17165

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 57.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Quidway S2700 Firmware Huawei Quidway S5300 Firmware Huawei Quidway S5700 Firmware +7 more

Timeline

PublishedFeb 15

Latest updateMay 14

Description

IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003C00SPC300T, V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S2700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5300 V200R003C00, V200R003C00SPC300T, V200R003C00SPC600, V200R003C02, V200R005C00, V200R005C01, V200R005C02, V200R005C03, V200R005C05, V200R006C00, V200R007C00, V200R008C00, V200R009C00, S5700 V200R003…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages10 packages

▶NVDhuawei/quidway_s2700_firmwarev200r003c00spc300

▶NVDhuawei/quidway_s5300_firmwarev200r003c00spc300

▶NVDhuawei/quidway_s5700_firmwarev200r003c00spc300

▶NVDhuawei/s2700_firmware5 versions+4

▶NVDhuawei/s5300_firmware13 versions+12

🔴Vulnerability Details

GHSA

GHSA-rr24-pwwf-78vh: IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003↗2022-05-14

▶

CVEList

CVE-2017-17165: IPv6 function in Huawei Quidway S2700 V200R003C00SPC300, Quidway S5300 V200R003C00SPC300, Quidway S5700 V200R003C00SPC300, S2300 V200R003C00, V200R003↗2018-02-15

▶