{"id": "CVE-2017-17160", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2018-02-15T16:29:02.017", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171213-01-ike-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10, V200R007C00 have a buffer overflow vulnerability due to incomplete range checks of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending malicious IKE packets to the targeted device. An exploit could allow the attacker to cause the device to write out of bound and restart."}, {"lang": "es", "value": "Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, NetEngine16EX V200R006C10, V200R007C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, SRG2300 V200R006C10, V200R007C00, V200R007C02, SRG3300 V200R006C10 y V200R007C00 tienen una vulnerabilidad de desbordamiento de b\u00fafer debido a las comprobaciones de rango incompletas de los datos de entrada. Un atacante remoto no autenticado podr\u00eda explotar esta vulnerabilidad enviando paquetes IKE maliciosos al dispositivo objetivo. Una explotaci\u00f3n podr\u00eda permitir que el atacante provoque que el dispositivo escriba fuera de l\u00edmites y se reinicie."}], "lastModified": "2018-03-01T14:45:59.613", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9EC3BAF-54F8-4EEC-A99B-D8BD458EE638"}, {"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DD9E894-321E-4A61-9DA6-677042DDD739"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFE416CD-53B5-4E08-BB30-682887740C3D"}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83D6C34F-ED85-461D-89AF-3B8C439867FF"}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07"}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4459EF03-890E-446E-8702-8F7CE499FB48"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB60F62-0715-4C1E-B352-A3D61B56E2AD"}, {"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114"}, {"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0D92A6F-B30C-4E09-91FC-9C7FFF375710"}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797"}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C1B1393-1D47-448D-A5FF-0B2EF74CF172"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72BC8C3E-420F-49D1-9E58-98E4E23A024F"}, {"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "787AC5E3-CE88-491D-8211-BAB11112019D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85A72083-717F-4C71-A2D7-62E1C64FEE94"}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAB93A84-773E-4DDF-B8B6-8705D2000CBB"}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B15E8B7-9F4B-45F1-B4FF-B32AF8CEA9FA"}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34CCEC64-BD07-49F7-8804-98A74257F060"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C77ADC-2511-4630-B5F5-F2991EA39E0A"}, {"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7114E20-407A-4B1C-9FCE-FF367B50E0E6"}, {"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE9B95EB-A848-4311-8500-9C909784393E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F042B27-F875-4BA3-9002-E5ADC544208B"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC62ECA-1F47-4316-87F4-60E7E8FFCEB9"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c16pwe:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD069FB1-8A7E-4D29-94F2-D7F94BA306D4"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32119825-AF22-44AA-8D04-1FAACF9E2E89"}, {"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A2BC38B-D016-4E83-A14E-FE8575135DD9"}, {"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B897F931-00B2-4FDF-90CE-5077416E42BC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8BE6310-A42C-4BB3-BB02-7CE6F4FF340D"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC727A7A-CF3D-4DC9-9083-A0CE8ED886A8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26CFB676-658E-4DEF-8C29-13CA633D7270"}, {"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D395DD8-E338-457E-A4E6-D3A08DE1B571"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4072905-CA96-44F9-8868-BB20BDC56EE6"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CE13681-CF1A-4765-B35A-E6E674C334B4"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F77B216-3E00-4EC0-9BEB-6ACD322874C8"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5F06D60-CC92-4B27-9248-40C9CD8EF000"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03F01709-8D14-4C0D-9990-0BC01AAEE1B3"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C579A9-2768-4202-9171-BC803554E923"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FCD9E893-609B-4C97-82E6-0651AEC39D14"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE7A0E2C-8383-443D-8625-77CBC53D2140"}, {"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F719A3F-2EEE-470B-B42B-0E4B7C7CBD89"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DF1DFD2-5337-45CA-A1A9-2E6622536027"}, {"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B319F31F-94D7-468F-8F71-96F40867AEA0"}, {"criteria": "cpe:2.3:o:huawei:srg1300_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27D882C1-BFE2-4C29-86FF-C10F86323D5E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:srg1300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CF77FB70-AAF3-421E-8D9B-F0C54E6A2FC0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D485D5E3-3819-4F3A-B841-ACB6253ACF2F"}, {"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D10EBBF2-8F03-472C-96DB-C72E426E4E38"}, {"criteria": "cpe:2.3:o:huawei:srg2300_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0E2E7D1-1F41-4EB2-9401-A3C4F988D64C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:srg2300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9BAF601C-B8EC-42F5-95F4-274F8492F57E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "309B9B0E-3639-4913-9DE4-9D4DAE6B0065"}, {"criteria": "cpe:2.3:o:huawei:srg3300_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4619CF2C-AB5D-475A-ACF6-61EE02306F7A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:srg3300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "43681AE7-5C12-4772-85A9-0A10177C6CFD"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}