{"id": "CVE-2017-17299", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-02-15T16:29:03.517", "references": [{"url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171215-01-ike-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00S, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, IPS Module V500R001C30, NIP6300 V500R001C30, NetEngine16EX V200R006C10, V200R007C00 have an insufficient input validation vulnerability. An unauthenticated, remote attacker may send crafted IKE V2 messages to the affected products. Due to the insufficient validation of the messages, successful exploit will cause invalid memory access and result in a denial of service on the affected products."}, {"lang": "es", "value": "Huawei AR120-S V200R006C10, V200R007C00, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C02, AR1200-S V200R006C10, V200R007C00, V200R008C20, AR150 V200R006C10, V200R007C00, V200R007C02, AR150-S V200R006C10, V200R007C00, AR160 V200R006C10, V200R006C12, V200R007C00S, V200R007C02, AR200 V200R006C10, V200R007C00, AR200-S V200R006C10, V200R007C00, AR2200 V200R006C10, V200R006C13, V200R006C16, V200R007C00, V200R007C02, AR2200-S V200R006C10, V200R007C00, V200R008C20, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C02, AR3600 V200R006C10, V200R007C00, AR510 V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00, IPS Module V500R001C30, NIP6300 V500R001C30, NetEngine16EX V200R006C10 y V200R007C00 tienen una vulnerabilidad de validaci\u00f3n de entradas insuficiente. Un atacante remoto no autenticado podr\u00eda enviar mensajes IKE V2 manipulados a los productos afectados. Debido a la validaci\u00f3n insuficiente de los mensajes, una explotaci\u00f3n con \u00e9xito provocar\u00e1 un acceso inv\u00e1lido a la memoria y resultar\u00e1 en una denegaci\u00f3n de servicio (DoS) en los productos afectados"}], "lastModified": "2018-03-09T14:36:04.120", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9EC3BAF-54F8-4EEC-A99B-D8BD458EE638"}, {"criteria": "cpe:2.3:o:huawei:ar120-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DD9E894-321E-4A61-9DA6-677042DDD739"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar120-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D0CFDB51-BF44-4433-AB2A-CFF553F8D640"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFE416CD-53B5-4E08-BB30-682887740C3D"}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83D6C34F-ED85-461D-89AF-3B8C439867FF"}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F64071E5-6ACD-4E51-9162-B0FF3DC08E07"}, {"criteria": "cpe:2.3:o:huawei:ar1200_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4459EF03-890E-446E-8702-8F7CE499FB48"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar1200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D4BA4150-8CA8-48BF-9D45-ABC8AC710060"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBB60F62-0715-4C1E-B352-A3D61B56E2AD"}, {"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D125153E-FE39-49A7-95AA-9482C78E7114"}, {"criteria": "cpe:2.3:o:huawei:ar1200-s_firmware:v200r008c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A0C5EF2-05D5-4DE5-AFA3-5394E51B33E4"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar1200-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B053C248-3CC2-476D-95A7-90EDD8EAAD69"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0D92A6F-B30C-4E09-91FC-9C7FFF375710"}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "455D7A4E-523E-40C8-958D-59D128F3E797"}, {"criteria": "cpe:2.3:o:huawei:ar150_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C1B1393-1D47-448D-A5FF-0B2EF74CF172"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "526371A8-11FE-4D00-AFBB-8E867A320B27"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72BC8C3E-420F-49D1-9E58-98E4E23A024F"}, {"criteria": "cpe:2.3:o:huawei:ar150-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "787AC5E3-CE88-491D-8211-BAB11112019D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar150-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ED3D18A0-71EC-4B1E-89FC-9522F9A64ACA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "85A72083-717F-4C71-A2D7-62E1C64FEE94"}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r006c12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAB93A84-773E-4DDF-B8B6-8705D2000CBB"}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c00s:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69F794C7-F69F-4D06-8074-E664158FAE8A"}, {"criteria": "cpe:2.3:o:huawei:ar160_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34CCEC64-BD07-49F7-8804-98A74257F060"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar160:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "137A007D-A498-483F-8B4F-DCA118B25F11"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C77ADC-2511-4630-B5F5-F2991EA39E0A"}, {"criteria": "cpe:2.3:o:huawei:ar200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "622686BB-9302-449F-9351-75B189D1B184"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2562CCF8-A4A7-4ACD-AA67-E3DB8B5ADA92"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7114E20-407A-4B1C-9FCE-FF367B50E0E6"}, {"criteria": "cpe:2.3:o:huawei:ar200-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE9B95EB-A848-4311-8500-9C909784393E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar200-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BEDFA4F2-3040-4355-B6E0-4F3B9FC2CDDC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F042B27-F875-4BA3-9002-E5ADC544208B"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC62ECA-1F47-4316-87F4-60E7E8FFCEB9"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r006c16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5C732C2-60D0-4CC9-A2C4-76F6478159EC"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F377CE1E-77A7-447F-B692-A54682A26BB4"}, {"criteria": "cpe:2.3:o:huawei:ar2200_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5CCF46F-1B0F-4829-BB28-758777313451"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar2200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "50662078-4827-4706-AE29-170E2239C5AE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "32119825-AF22-44AA-8D04-1FAACF9E2E89"}, {"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A2BC38B-D016-4E83-A14E-FE8575135DD9"}, {"criteria": "cpe:2.3:o:huawei:ar2200-s_firmware:v200r008c20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B897F931-00B2-4FDF-90CE-5077416E42BC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar2200-s:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5862E1A5-0222-4059-B9D7-716A6D0EB8CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB9A3444-A485-4B87-B910-F3DA5C8E5D74"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r006c11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8BE6310-A42C-4BB3-BB02-7CE6F4FF340D"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9752658E-3CF5-4D9E-98FB-D15FD892479C"}, {"criteria": "cpe:2.3:o:huawei:ar3200_firmware:v200r007c02:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC727A7A-CF3D-4DC9-9083-A0CE8ED886A8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9309E1AA-0C4E-422C-9307-A8DD0AE5D576"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26CFB676-658E-4DEF-8C29-13CA633D7270"}, {"criteria": "cpe:2.3:o:huawei:ar3600_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D395DD8-E338-457E-A4E6-D3A08DE1B571"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar3600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D30DC2EA-1F76-4CA6-BAC2-8DC796BE50B1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4072905-CA96-44F9-8868-BB20BDC56EE6"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CE13681-CF1A-4765-B35A-E6E674C334B4"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F77B216-3E00-4EC0-9BEB-6ACD322874C8"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5F06D60-CC92-4B27-9248-40C9CD8EF000"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r006c17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03F01709-8D14-4C0D-9990-0BC01AAEE1B3"}, {"criteria": "cpe:2.3:o:huawei:ar510_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C579A9-2768-4202-9171-BC803554E923"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ar510:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FCD9E893-609B-4C97-82E6-0651AEC39D14"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:ips_module_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "074FE8AB-6BE1-4E77-84E2-1D5C7205D0E0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:ips_module:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2BAD43A3-730A-4ABC-89F0-DF93A06AA60F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:nip6300_firmware:v500r001c30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "728A7B78-6E19-4656-848F-269DB955070C"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:nip6300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5E054182-CE33-45E3-8595-159A75BA5162"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r006c10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE7A0E2C-8383-443D-8625-77CBC53D2140"}, {"criteria": "cpe:2.3:o:huawei:netengine16ex_firmware:v200r007c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F719A3F-2EEE-470B-B42B-0E4B7C7CBD89"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:netengine16ex:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E6224ECC-6949-4204-94D1-C7374C142A50"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}