CVE-2017-8147

CWE-20 — Improper Input Validation3 documents3 sources

Severity

7.5HIGH

EPSS

0.2%

top 63.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Ac6005 Firmware Huawei Ac6605 Firmware Huawei Ar1200 Firmware +20 more

Timeline

PublishedNov 22

Latest updateMay 17

Description

AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software V200R005C20SPC026T,AR3200 V200R005C20SPC026T,CloudEngine 12800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 5800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 6800 with software V100R003C00, V100R005C00, V100R005C10, V100R006C00, V200R001C00,CloudEngine 7800 wi…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages23 packages

▶NVDhuawei/cloudengine_5800_firmware5 versions+4

▶NVDhuawei/cloudengine_6800_firmware5 versions+4

▶NVDhuawei/cloudengine_7800_firmware5 versions+4

▶NVDhuawei/cloudengine_8800_firmwarev100r006c00, v200r001c00+1

▶NVDhuawei/cloudengine_12800_firmware5 versions+4

🔴Vulnerability Details

GHSA

GHSA-ggq6-wxw8-wjcm: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software↗2022-05-17

▶

CVEList

CVE-2017-8147: AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software↗2017-11-22

▶