CVE-2017-17174

Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients and the affected products. The attacker may launch the Bleichenbacher attack on RSA key exchange to decrypt the session key and the previously captured sessions by some cryptanalytic operations. Successful exploit may cause information leak.

CVSS v3 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3 : MEDIUM

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180703-01-algorithm-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:huawei:softco_firmware:v200r003c20spcb00:*:*:*:*:*:*:*

cpe:2.3:h:huawei:softco:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:huawei:vp9660_firmware:v600r006c10:*:*:*:*:*:*:*

cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

OR	cpe:2.3:o:huawei:espace_u1981_firmware:v200r001c20:::::::*
	cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c20:::::::*
	cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:::::::*
	cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c50:::::::*

cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-31 14:29

Updated : 2024-02-28 16:48

NVD link : CVE-2017-17174

Mitre link : CVE-2017-17174

CVE.ORG link : CVE-2017-17174

JSON object : View

Products Affected

huawei

rse6500_firmware
softco
espace_u1981
softco_firmware
rse6500
vp9660
espace_u1981_firmware
vp9660_firmware

CWE

CWE-310

Cryptographic Issues

{"id": "CVE-2017-17174", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2018-07-31T14:29:00.247", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180703-01-algorithm-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit the vulnerability, a remote, unauthenticated attacker has to capture TLS traffic between clients and the affected products. The attacker may launch the Bleichenbacher attack on RSA key exchange to decrypt the session key and the previously captured sessions by some cryptanalytic operations. Successful exploit may cause information leak."}, {"lang": "es", "value": "Algunos productos Huawei RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30 y V200R003C50 tienen una vulnerabilidad de algoritmo d\u00e9bil. Para explotar esta vulnerabilidad, un atacante no autenticado remoto debe capturar tr\u00e1fico TLS entre los clientes y los productos afectados. El atacante podr\u00eda iniciar un ataque Bleichenbacher en el intercambio de claves RSA para descifrar la clave de sesi\u00f3n y las sesiones previamente capturadas por medio de operaciones de criptoan\u00e1lisis. Un exploit con \u00e9xito podr\u00eda provocar un filtrado de informaci\u00f3n."}], "lastModified": "2018-10-12T13:37:08.603", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:rse6500_firmware:v500r002c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "649BB696-BDBE-46FC-A23D-287DE306D8BB"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:rse6500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4DD9417D-0515-4B21-AD32-E6B137575D01"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:softco_firmware:v200r003c20spcb00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CCA190A-D381-4139-B2A6-28B19A534C75"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:softco:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CB0BB461-988A-4E55-BEFC-C5BB8245E751"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:vp9660_firmware:v600r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8D888F94-B0D9-4CFF-8A29-7F1720B5BEDA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:vp9660:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1DC498B-F19F-403A-ACFE-F8364A78EC66"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r001c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDC5311E-194E-4891-B762-8FC1EAA27E72"}, {"criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C82BCBDF-4F07-47F1-BB91-6148E2403133"}, {"criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC865317-D874-469D-AE84-7700B0F1485C"}, {"criteria": "cpe:2.3:o:huawei:espace_u1981_firmware:v200r003c50:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21E676EE-B0B5-4177-8676-2936DE259C39"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:espace_u1981:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C7BD4D80-D901-4082-B74D-A1D0CC24CA9F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}