CVE-2017-17301

CWE-295 — Improper Certificate Validation3 documents3 sources

Severity

9.8CRITICAL

EPSS

0.2%

top 63.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Ar120-s Firmware Huawei Ar1200-s Firmware Huawei Ar1200 Firmware +25 more

Timeline

PublishedFeb 15

Latest updateMay 13

Description

Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR200-S V200R005C32, V200R006C10, V200R007C00, V…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages28 packages

▶NVDhuawei/cloudengine_5800_firmware6 versions+5

▶NVDhuawei/cloudengine_6800_firmware6 versions+5

▶NVDhuawei/cloudengine_7800_firmware6 versions+5

▶NVDhuawei/cloudengine_12800_firmware6 versions+5

▶NVDhuawei/espace_u1981_firmwarev200r003c20, v200r003c30+1

🔴Vulnerability Details

GHSA

GHSA-7vg8-9cq4-jmgg: Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02↗2022-05-13

▶

CVEList

CVE-2017-17301: Huawei AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, AR1200 V200R005C20, V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02↗2018-02-15

▶

External resources

NVD MITRE

Affected products28

Huawei Ar120-s Firmwarevv200r005c32vv200r006c10vv200r007c00+1 more

Huawei Ar1200 Firmwarevv200r005c20vv200r005c32vv200r006c10+4 more

Huawei Ar1200-s Firmwarevv200r005c32vv200r006c10vv200r007c00+1 more

Huawei Ar150 Firmwarevv200r006c10vv200r007c00vv200r007c01+2 more

Huawei Ar160 Firmwarevv200r005c32vv200r006c10vv200r007c00+3 more

Huawei Ar200 Firmwarevv200r005c32vv200r006c10vv200r007c00+2 more

Huawei Ar200-s Firmwarevv200r005c32vv200r006c10vv200r007c00+2 more

Huawei Ar2200 Firmwarevv200r005c20vv200r005c32vv200r006c10+4 more

Huawei Ar2200-s Firmwarevv200r005c32vv200r006c10vv200r007c00+1 more

Huawei Ar3200 Firmwarevv200r005c32vv200r006c10vv200r006c11+7 more

Disclosure

PublishedFeb 15, 2018

Latest updateMay 13, 2022