Out-of-Bound Write Vulnerability in Huawei Networking Products
CVE-2017-17286
Summary
The affected Huawei networking products are vulnerable to an out-of-bound write issue due to insufficient input validation. This vulnerability allows a remote, unauthenticated attacker to craft an encryption key that leads to a buffer overflow, potentially causing abnormal service operation or complete disruption. Organizations using these devices should apply necessary patches to mitigate risks associated with this vulnerability.
Affected Version(s)
AR120-S,AR1200,AR1200-S,AR150,AR150-S,AR160,AR200,AR200-S,AR2200,AR2200-S,AR3200,AR3600,AR510,NetEngine16EX,SRG1300,SRG2300,SRG3300 AR120-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR150-S V200R005C32, V200R007C00, V200R008C20, V200R008C30,AR160 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR200 V200R005C32, V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30,AR200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR2200 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR2200-S V200R005C32, V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR3200 V200R005C32, V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30,AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20,AR510 V20 ...[truncated*]
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved