CVE-2017-17305

{"id": "CVE-2017-17305", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2018-08-21T13:29:00.263", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180813-01-Bleichenbacher-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}, {"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180813-01-Bleichenbacher-en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle. Cause a Bleichenbacher oracle attack. Successful exploit this vulnerability can impact IPSec tunnel security."}, {"lang": "es", "value": "Algunos productos Firewall de Huawei, en sus modelos USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR y V300R001C00 tienen una vulnerabilidad de or\u00e1culo de Bleichenbacher en las implementaciones IPSEC IKEv1. Los atacantes remotos puedes descifrar los datos del texto cifrado mediante un t\u00fanel IPSEC utilizando un or\u00e1culo de Bleichenbacher en el relleno (padding) de RSA. Esto puede provocar un ataque de or\u00e1culo de Bleichenbacher. Su explotaci\u00f3n con \u00e9xito puede afectar a la seguridad del t\u00fanel IPSec."}], "lastModified": "2024-11-21T03:17:48.070", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg2205bsr_firmware:v300r001c10spc600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6C9DEE4-F23B-4F54-9868-EDF5AC95D333"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg2205bsr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D9D90A5F-E41D-4CFD-86D2-FB208031CBAB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg2220bsr_firmware:v300r001c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B8F1406-67A4-4A46-8248-1712E85FE1D9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg2220bsr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3E4257B6-A1C0-4585-93EF-63081534C5E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg5120bsr_firmware:v300r001c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54B9E222-40C0-408C-A669-8CF99836FE62"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg5120bsr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9C515743-EA4D-41A6-B295-90EBA5553AD6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:usg5150bsr_firmware:v300r001c00:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56E5A858-16C9-4085-BE5A-78A680D2F4D5"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:usg5150bsr:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3F058EF4-A6D4-4931-B571-332E0C1B052D"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}