CVE-2017-17138: Input Validation
First published: Mon Mar 05 2018(Updated: )
PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a DoS vulnerability in PEM module of Huawei products due to insufficient verification. An authenticated local attacker can make processing into deadloop by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei DP300 firmware | =v500r002c00 | |
| Huawei DP300 firmware | ||
| Huawei IPS firmware | =v500r001c00 | |
| Huawei IPS firmware | =v500r001c30 | |
| Huawei IPS Module firmware | ||
| Huawei NGFW Module firmware | =v500r001c00 | |
| Huawei NGFW Module firmware | =v500r002c00 | |
| Huawei NGFW Module | ||
| Huawei NIP6300 firmware | =v500r001c00 | |
| Huawei NIP6300 firmware | =v500r001c30 | |
| Huawei NIP6300 firmware | ||
| Huawei NIP6600 | =v500r001c00 | |
| Huawei NIP6600 | =v500r001c30 | |
| Huawei NIP6600 firmware | ||
| Huawei RP200 | =v500r002c00 | |
| Huawei RP200 | =v600r006c00 | |
| Huawei RP200 firmware | ||
| Huawei S12700 Firmware | =v200r007c00 | |
| Huawei S12700 Firmware | =v200r007c01 | |
| Huawei S12700 Firmware | =v200r008c00 | |
| Huawei S12700 Firmware | =v200r009c00 | |
| Huawei S12700 Firmware | =v200r010c00 | |
| Huawei S12700 Firmware | ||
| Huawei S1700 Firmware | =v200r006c10 | |
| Huawei S1700 Firmware | =v200r009c00 | |
| Huawei S1700 Firmware | =v200r010c00 | |
| Huawei S1700 Firmware | ||
| Huawei S2700 Firmware | =v200r006c10 | |
| Huawei S2700 Firmware | =v200r007c00 | |
| Huawei S2700 Firmware | =v200r008c00 | |
| Huawei S2700 Firmware | =v200r009c00 | |
| Huawei S2700 Firmware | =v200r010c00 | |
| Huawei S2700 | ||
| Huawei Campus S5700 firmware | =v200r006c00 | |
| Huawei Campus S5700 firmware | =v200r007c00 | |
| Huawei Campus S5700 firmware | =v200r008c00 | |
| Huawei Campus S5700 firmware | =v200r009c00 | |
| Huawei Campus S5700 firmware | =v200r010c00 | |
| Huawei S5700 Firmware | ||
| Huawei 6700EI firmware | =v200r008c00 | |
| Huawei 6700EI firmware | =v200r009c00 | |
| Huawei 6700EI firmware | =v200r010c00 | |
| Huawei S6700 Firmware | ||
| Huawei Campus S7700 firmware | =v200r007c00 | |
| Huawei Campus S7700 firmware | =v200r008c00 | |
| Huawei Campus S7700 firmware | =v200r009c00 | |
| Huawei Campus S7700 firmware | =v200r010c00 | |
| Huawei Campus S7700 | ||
| Huawei LSW S9700 firmware | =v200r007c00 | |
| Huawei LSW S9700 firmware | =v200r007c01 | |
| Huawei LSW S9700 firmware | =v200r008c00 | |
| Huawei LSW S9700 firmware | =v200r009c00 | |
| Huawei LSW S9700 firmware | =v200r010c00 | |
| Huawei 9700 Firmware | ||
| Huawei USG6300E firmware | =v500r001c00 | |
| Huawei USG6300E firmware | =v500r001c30 | |
| Huawei Secospace USG6300 firmware | ||
| Huawei Secospace USG6500 | =v500r001c00 | |
| Huawei Secospace USG6500 | =v500r001c30 | |
| Huawei Secospace USG6500 firmware | ||
| Huawei Secospace USG6600 firmware | =v500r001c00 | |
| Huawei Secospace USG6600 firmware | =v500r001c30s | |
| Huawei Secospace USG6600 firmware | ||
| Huawei TE30 Firmware | =v100r001c02 | |
| Huawei TE30 Firmware | =v100r001c10 | |
| Huawei TE30 Firmware | =v500r002c00 | |
| Huawei TE30 Firmware | =v600r006c00 | |
| Huawei TE30 Firmware | ||
| Huawei TE40 | =v500r002c00 | |
| Huawei TE40 | =v600r006c00 | |
| Huawei TE40 | ||
| Huawei TE50 | =v500r002c00 | |
| Huawei TE50 | =v600r006c00 | |
| Huawei TE50 firmware | ||
| Huawei TE60 Firmware | =v100r001c02 | |
| Huawei TE60 Firmware | =v100r001c10 | |
| Huawei TE60 Firmware | =v500r002c00 | |
| Huawei TE60 Firmware | =v600r006c00 | |
| Huawei TE60 Firmware | ||
| Huawei TP3106 | =v100r002c00 | |
| Huawei TP3106 firmware | ||
| Huawei TP3206 | =v100r002c00 | |
| Huawei TP3206 | =v100r002c10 | |
| Huawei TP3206 | ||
| Huawei USG9500 firmware | =v500r001c00 | |
| Huawei USG9500 firmware | =v500r001c30 | |
| Huawei Eudemon USG9500 | ||
| Huawei ViewPoint 9030 | =v100r011c02 | |
| Huawei ViewPoint 9030 | =v100r011c03 | |
| Huawei ViewPoint 9030 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-17138?
The severity of CVE-2017-17138 is high due to the potential impact on system availability and data confidentiality.
How do I fix CVE-2017-17138?
To fix CVE-2017-17138, update the affected Huawei firmware to the latest version specified by Huawei's security advisory.
Which systems are affected by CVE-2017-17138?
CVE-2017-17138 affects various Huawei systems including the DP300, IPS Module, NGFW Module, NIP6300, NIP6600, RP200, S12700, S1700, and more.
Is there a workaround for CVE-2017-17138?
A recommended workaround for CVE-2017-17138 is to temporarily disable any unnecessary services until the firmware can be updated.
What could happen if CVE-2017-17138 is exploited?
If CVE-2017-17138 is exploited, an attacker may gain unauthorized access to sensitive information or disrupt the normal operation of the affected systems.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei dp300 firmware
- version/huawei dp300 firmware/v500r002c00
- canonical/huawei ips firmware
- version/huawei ips firmware/v500r001c00
- version/huawei ips firmware/v500r001c30
- canonical/huawei ips module firmware
- canonical/huawei ngfw module firmware
- version/huawei ngfw module firmware/v500r001c00
- version/huawei ngfw module firmware/v500r002c00
- canonical/huawei ngfw module
- canonical/huawei nip6300 firmware
- version/huawei nip6300 firmware/v500r001c00
- version/huawei nip6300 firmware/v500r001c30
- canonical/huawei nip6600
- version/huawei nip6600/v500r001c00
- version/huawei nip6600/v500r001c30
- canonical/huawei nip6600 firmware
- canonical/huawei rp200
- version/huawei rp200/v500r002c00
- version/huawei rp200/v600r006c00
- canonical/huawei rp200 firmware
- canonical/huawei s12700 firmware
- version/huawei s12700 firmware/v200r007c00
- version/huawei s12700 firmware/v200r007c01
- version/huawei s12700 firmware/v200r008c00
- version/huawei s12700 firmware/v200r009c00
- version/huawei s12700 firmware/v200r010c00
- canonical/huawei s1700 firmware
- version/huawei s1700 firmware/v200r006c10
- version/huawei s1700 firmware/v200r009c00
- version/huawei s1700 firmware/v200r010c00
- canonical/huawei s2700 firmware
- version/huawei s2700 firmware/v200r006c10
- version/huawei s2700 firmware/v200r007c00
- version/huawei s2700 firmware/v200r008c00
- version/huawei s2700 firmware/v200r009c00
- version/huawei s2700 firmware/v200r010c00
- canonical/huawei s2700
- canonical/huawei campus s5700 firmware
- version/huawei campus s5700 firmware/v200r006c00
- version/huawei campus s5700 firmware/v200r007c00
- version/huawei campus s5700 firmware/v200r008c00
- version/huawei campus s5700 firmware/v200r009c00
- version/huawei campus s5700 firmware/v200r010c00
- canonical/huawei s5700 firmware
- canonical/huawei 6700ei firmware
- version/huawei 6700ei firmware/v200r008c00
- version/huawei 6700ei firmware/v200r009c00
- version/huawei 6700ei firmware/v200r010c00
- canonical/huawei s6700 firmware
- canonical/huawei campus s7700 firmware
- version/huawei campus s7700 firmware/v200r007c00
- version/huawei campus s7700 firmware/v200r008c00
- version/huawei campus s7700 firmware/v200r009c00
- version/huawei campus s7700 firmware/v200r010c00
- canonical/huawei campus s7700
- canonical/huawei lsw s9700 firmware
- version/huawei lsw s9700 firmware/v200r007c00
- version/huawei lsw s9700 firmware/v200r007c01
- version/huawei lsw s9700 firmware/v200r008c00
- version/huawei lsw s9700 firmware/v200r009c00
- version/huawei lsw s9700 firmware/v200r010c00
- canonical/huawei 9700 firmware
- canonical/huawei usg6300e firmware
- version/huawei usg6300e firmware/v500r001c00
- version/huawei usg6300e firmware/v500r001c30
- canonical/huawei secospace usg6300 firmware
- canonical/huawei secospace usg6500
- version/huawei secospace usg6500/v500r001c00
- version/huawei secospace usg6500/v500r001c30
- canonical/huawei secospace usg6500 firmware
- canonical/huawei secospace usg6600 firmware
- version/huawei secospace usg6600 firmware/v500r001c00
- version/huawei secospace usg6600 firmware/v500r001c30s
- canonical/huawei te30 firmware
- version/huawei te30 firmware/v100r001c02
- version/huawei te30 firmware/v100r001c10
- version/huawei te30 firmware/v500r002c00
- version/huawei te30 firmware/v600r006c00
- canonical/huawei te40
- version/huawei te40/v500r002c00
- version/huawei te40/v600r006c00
- canonical/huawei te50
- version/huawei te50/v500r002c00
- version/huawei te50/v600r006c00
- canonical/huawei te50 firmware
- canonical/huawei te60 firmware
- version/huawei te60 firmware/v100r001c02
- version/huawei te60 firmware/v100r001c10
- version/huawei te60 firmware/v500r002c00
- version/huawei te60 firmware/v600r006c00
- canonical/huawei tp3106
- version/huawei tp3106/v100r002c00
- canonical/huawei tp3106 firmware
- canonical/huawei tp3206
- version/huawei tp3206/v100r002c00
- version/huawei tp3206/v100r002c10
- canonical/huawei usg9500 firmware
- version/huawei usg9500 firmware/v500r001c00
- version/huawei usg9500 firmware/v500r001c30
- canonical/huawei eudemon usg9500
- canonical/huawei viewpoint 9030
- version/huawei viewpoint 9030/v100r011c02
- version/huawei viewpoint 9030/v100r011c03
- canonical/huawei viewpoint 9030 firmware