CVE-2017-17167

CWE-327 — Broken Cryptographic Algorithm3 documents3 sources

Severity

5.9MEDIUM

EPSS

0.1%

top 78.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Dp300 Firmware Huawei Tp3206 Firmware Huawei Viewpoint 9030 Firmware

Timeline

PublishedMar 9

Latest updateMay 14

Description

Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerability. The software uses risky cryptographic algorithm in SSL. This is dangerous because a remote unauthenticated attacker could use well-known techniques to break the algorithm. Successful exploit could result in the exposure of sensitive information.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

▶NVDhuawei/viewpoint_9030_firmwarev100r011c02, v100r011c03+1

▶NVDhuawei/dp300_firmwarev500r002c00

▶NVDhuawei/tp3206_firmwarev100r002c00

🔴Vulnerability Details

GHSA

GHSA-3v32-75q2-76mr: Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerab↗2022-05-14

▶

CVEList

CVE-2017-17167: Huawei DP300 V500R002C00; TP3206 V100R002C00; ViewPoint 9030 V100R011C02; V100R011C03 have a use of a broken or risky cryptographic algorithm vulnerab↗2018-03-09

▶