CVE-2017-8167Improper Input Validation in Technologies CO LTD Usg9500

CWE-20Improper Input Validation3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.3%
top 48.49%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Huawei Technologies CO LTD Usg9500Huawei Usg9500 Firmware
Timeline
PublishedNov 22
Latest updateMay 17

Description

Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target device. Successful exploit of the vulnerability could cause the device to restart.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDhuawei/usg9500_firmwarev500r001c50
CVEListV5huawei_technologies_co_ltd/usg9500V500R001C50

🔴Vulnerability Details

2
GHSA
GHSA-m4m3-4cv6-v52c: Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability2022-05-17
CVEList
CVE-2017-8167: Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability2017-11-22
CVE-2017-8167 — Improper Input Validation | cvebase