PT-2017-14733 · Huawei · Nip6600+8
Published
2017-12-06
·
Updated
2018-02-24
·
CVE-2017-17154
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Huawei IPS Module versions V500R001C00 through V500R001C20SPC300PWE
NGFW Module versions V500R001C00 through V500R001C20SPC300PWE
NIP6300 versions V500R001C00 through V500R001C20SPC300PWE
NIP6600 versions V500R001C00 through V500R001C20SPC300PWE
Secospace USG6300 versions V500R001C00 through V500R001C20SPC300PWE
Secospace USG6500 versions V500R001C00 through V500R001C20SPC300PWE
Secospace USG6600 versions V500R001C00 through V500R001C20SPC300PWE
USG9500 versions V500R001C00 through V500R001C20SPC300PWE
Description
The issue is related to a DoS vulnerability in IKEv2 due to insufficient input validation. An attacker could exploit this to cause unauthorized memory access, potentially leading to system exceptions.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Ips Module
Huawei Vrp
Ngfw Module
Nip6300
Nip6600
Secospace Usg6300
Secospace Usg6500
Secospace Usg6600
Usg9500