PT-2018-6479 · Huawei · Usg5150Bsr+4
Dennis Felsch
+2
·
Published
2018-08-13
·
Updated
2018-10-12
·
CVE-2017-17305
CVSS v3.1
5.9
Medium
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Huawei Firewall products USG2205BSR version V300R001C10SPC600
Huawei Firewall products USG2220BSR version V300R001C00
Huawei Firewall products USG5120BSR version V300R001C00
Huawei Firewall products USG5150BSR version V300R001C00
Description:
The issue is related to a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle, causing a Bleichenbacher oracle attack. Successful exploitation of this issue can impact IPSec tunnel security.
Recommendations:
For USG2205BSR version V300R001C10SPC600, consider disabling the IPSEC IKEv1 implementation until a patch is available.
For USG2220BSR version V300R001C00, consider disabling the IPSEC IKEv1 implementation until a patch is available.
For USG5120BSR version V300R001C00, consider disabling the IPSEC IKEv1 implementation until a patch is available.
For USG5150BSR version V300R001C00, consider disabling the IPSEC IKEv1 implementation until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Huawei Vrp
Usg2205Bsr
Usg2220Bsr
Usg5120Bsr
Usg5150Bsr