What is the severity of CVE-2017-17153?

CVE-2017-17153 has a high severity rating due to its impact on Huawei IPS Module and its potential to allow unauthorized access.

How do I fix CVE-2017-17153?

To fix CVE-2017-17153, you should update to the latest firmware version provided by Huawei for the affected IPS modules.

What systems are affected by CVE-2017-17153?

CVE-2017-17153 affects multiple versions of Huawei IPS Module firmware including v500R001C00, v500R001C00SPC200, and others.

What is the nature of the vulnerability in CVE-2017-17153?

CVE-2017-17153 is a vulnerability in the IKEv2 protocol implementation that can be exploited to bypass authentication.

Is there a workaround for CVE-2017-17153?

There are no reliable workarounds for CVE-2017-17153 other than applying the necessary firmware updates.

Vulnerability/
CVE-2017-17153

high

7.5

CWE

20 772

15/2/2018

3/10/2019

CVE-2017-17153: Input Validation

First published: Thu Feb 15 2018(Updated: )

IKEv2 in Huawei IPS Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NGFW Module V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, NIP6600 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, Secospace USG6300 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE, Secospace USG6600 V500R001C00, V500R001C00SPC100, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC301, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200PWE, V500R001C20SPC300, V500R001C20SPC300B078, V500R001C20SPC300PWE, USG9500 V500R001C00, V500R001C00SPC200, V500R001C00SPC300, V500R001C00SPC303, V500R001C00SPC500, V500R001C00SPC500PWE, V500R001C00SPH303, V500R001C00SPH508, V500R001C20, V500R001C20SPC100, V500R001C20SPC100PWE, V500R001C20SPC101, V500R001C20SPC200, V500R001C20SPC200B062, V500R001C20SPC200PWE, V500R001C20SPC300B078, V500R001C20SPC300PWE has a memory leak vulnerability due to memory release failure resulted from insufficient input validation. An attacker could exploit it to cause memory leak, which may further lead to system exceptions.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei IPS Module firmware	=v500r001c00
Huawei IPS Module firmware	=v500r001c00spc200
Huawei IPS Module firmware	=v500r001c00spc300
Huawei IPS Module firmware	=v500r001c00spc500
Huawei IPS Module firmware	=v500r001c00sph303
Huawei IPS Module firmware	=v500r001c00sph508
Huawei IPS Module firmware	=v500r001c20
Huawei IPS Module firmware	=v500r001c20spc100
Huawei IPS Module firmware	=v500r001c20spc100pwe
Huawei IPS Module firmware	=v500r001c20spc200
Huawei IPS Module firmware	=v500r001c20spc200b062
Huawei IPS Module firmware	=v500r001c20spc200pwe
Huawei IPS Module firmware	=v500r001c20spc300b078
Huawei IPS Module firmware	=v500r001c20spc300pwe
Huawei IPS Module
Huawei NGFW Module firmware	=v500r001c00
Huawei NGFW Module firmware	=v500r001c00spc200
Huawei NGFW Module firmware	=v500r001c00spc300
Huawei NGFW Module firmware	=v500r001c00spc500
Huawei NGFW Module firmware	=v500r001c00spc500pwe
Huawei NGFW Module firmware	=v500r001c00sph303
Huawei NGFW Module firmware	=v500r001c00sph508
Huawei NGFW Module firmware	=v500r001c20
Huawei NGFW Module firmware	=v500r001c20spc100
Huawei NGFW Module firmware	=v500r001c20spc100pwe
Huawei NGFW Module firmware	=v500r001c20spc200
Huawei NGFW Module firmware	=v500r001c20spc200b062
Huawei NGFW Module firmware	=v500r001c20spc200pwe
Huawei NGFW Module firmware	=v500r001c20spc300b078
Huawei NGFW Module firmware	=v500r001c20spc300pwe
Huawei NGFW Module
Huawei NIP6300 firmware	=v500r001c00
Huawei NIP6300 firmware	=v500r001c00spc200
Huawei NIP6300 firmware	=v500r001c00spc300
Huawei NIP6300 firmware	=v500r001c00spc500
Huawei NIP6300 firmware	=v500r001c00sph303
Huawei NIP6300 firmware	=v500r001c00sph508
Huawei NIP6300 firmware	=v500r001c20
Huawei NIP6300 firmware	=v500r001c20spc100
Huawei NIP6300 firmware	=v500r001c20spc100pwe
Huawei NIP6300 firmware	=v500r001c20spc200
Huawei NIP6300 firmware	=v500r001c20spc200b062
Huawei NIP6300 firmware	=v500r001c20spc200pwe
Huawei NIP6300 firmware	=v500r001c20spc300b078
Huawei NIP6300 firmware	=v500r001c20spc300pwe
Huawei NIP6300 firmware
Huawei NIP6600	=v500r001c00
Huawei NIP6600	=v500r001c00spc200
Huawei NIP6600	=v500r001c00spc300
Huawei NIP6600	=v500r001c00spc500
Huawei NIP6600	=v500r001c00sph303
Huawei NIP6600	=v500r001c00sph508
Huawei NIP6600	=v500r001c20
Huawei NIP6600	=v500r001c20spc100
Huawei NIP6600	=v500r001c20spc100pwe
Huawei NIP6600	=v500r001c20spc200
Huawei NIP6600	=v500r001c20spc200b062
Huawei NIP6600	=v500r001c20spc200pwe
Huawei NIP6600	=v500r001c20spc300b078
Huawei NIP6600 firmware
Huawei USG6300E firmware	=v500r001c00
Huawei USG6300E firmware	=v500r001c00spc200
Huawei USG6300E firmware	=v500r001c00spc300
Huawei USG6300E firmware	=v500r001c00spc500
Huawei USG6300E firmware	=v500r001c00spc500pwe
Huawei USG6300E firmware	=v500r001c00sph303
Huawei USG6300E firmware	=v500r001c00sph508
Huawei USG6300E firmware	=v500r001c20
Huawei USG6300E firmware	=v500r001c20spc100
Huawei USG6300E firmware	=v500r001c20spc100pwe
Huawei USG6300E firmware	=v500r001c20spc101
Huawei USG6300E firmware	=v500r001c20spc200
Huawei USG6300E firmware	=v500r001c20spc200b062
Huawei USG6300E firmware	=v500r001c20spc200pwe
Huawei USG6300E firmware	=v500r001c20spc300b078
Huawei USG6300E firmware	=v500r001c20spc300pwe
Huawei Secospace USG6300 firmware
Huawei Secospace USG6500	=v500r001c00
Huawei Secospace USG6500	=v500r001c00spc200
Huawei Secospace USG6500	=v500r001c00spc300
Huawei Secospace USG6500	=v500r001c00spc500
Huawei Secospace USG6500	=v500r001c00spc500pwe
Huawei Secospace USG6500	=v500r001c00sph303
Huawei Secospace USG6500	=v500r001c00sph508
Huawei Secospace USG6500	=v500r001c20
Huawei Secospace USG6500	=v500r001c20spc100
Huawei Secospace USG6500	=v500r001c20spc100pwe
Huawei Secospace USG6500	=v500r001c20spc101
Huawei Secospace USG6500	=v500r001c20spc200
Huawei Secospace USG6500	=v500r001c20spc200b062
Huawei Secospace USG6500	=v500r001c20spc200pwe
Huawei Secospace USG6500	=v500r001c20spc300b078
Huawei Secospace USG6500	=v500r001c20spc300pwe
Huawei Secospace USG6500 firmware
Huawei Secospace USG6600 firmware	=v500r001c00
Huawei Secospace USG6600 firmware	=v500r001c00spc100
Huawei Secospace USG6600 firmware	=v500r001c00spc200
Huawei Secospace USG6600 firmware	=v500r001c00spc300
Huawei Secospace USG6600 firmware	=v500r001c00spc301
Huawei Secospace USG6600 firmware	=v500r001c00spc500
Huawei Secospace USG6600 firmware	=v500r001c00spc500pwe
Huawei Secospace USG6600 firmware	=v500r001c00sph303
Huawei Secospace USG6600 firmware	=v500r001c20
Huawei Secospace USG6600 firmware	=v500r001c20spc100
Huawei Secospace USG6600 firmware	=v500r001c20spc100pwe
Huawei Secospace USG6600 firmware	=v500r001c20spc101
Huawei Secospace USG6600 firmware	=v500r001c20spc200
Huawei Secospace USG6600 firmware	=v500r001c20spc200pwe
Huawei Secospace USG6600 firmware	=v500r001c20spc300
Huawei Secospace USG6600 firmware	=v500r001c20spc300b078
Huawei Secospace USG6600 firmware	=v500r001c20spc300pwe
Huawei Secospace USG6600 firmware
Huawei USG9500 firmware	=v500r001c00
Huawei USG9500 firmware	=v500r001c00spc200
Huawei USG9500 firmware	=v500r001c00spc300
Huawei USG9500 firmware	=v500r001c00spc303
Huawei USG9500 firmware	=v500r001c00spc500
Huawei USG9500 firmware	=v500r001c00spc500pwe
Huawei USG9500 firmware	=v500r001c00sph303
Huawei USG9500 firmware	=v500r001c00sph508
Huawei USG9500 firmware	=v500r001c20
Huawei USG9500 firmware	=v500r001c20spc100
Huawei USG9500 firmware	=v500r001c20spc100pwe
Huawei USG9500 firmware	=v500r001c20spc101
Huawei USG9500 firmware	=v500r001c20spc200
Huawei USG9500 firmware	=v500r001c20spc200b062
Huawei USG9500 firmware	=v500r001c20spc200pwe
Huawei USG9500 firmware	=v500r001c20spc300b078
Huawei USG9500 firmware	=v500r001c20spc300pwe
Huawei USG9500

Never miss a vulnerability like this again

Reference Links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171206-01-ikev2-en

Frequently Asked Questions

What is the severity of CVE-2017-17153?
CVE-2017-17153 has a high severity rating due to its impact on Huawei IPS Module and its potential to allow unauthorized access.
How do I fix CVE-2017-17153?
To fix CVE-2017-17153, you should update to the latest firmware version provided by Huawei for the affected IPS modules.
What systems are affected by CVE-2017-17153?
CVE-2017-17153 affects multiple versions of Huawei IPS Module firmware including v500R001C00, v500R001C00SPC200, and others.
What is the nature of the vulnerability in CVE-2017-17153?
CVE-2017-17153 is a vulnerability in the IKEv2 protocol implementation that can be exploited to bypass authentication.
Is there a workaround for CVE-2017-17153?
There are no reliable workarounds for CVE-2017-17153 other than applying the necessary firmware updates.

agent/type
agent/first-publish-date
agent/last-modified-date
agent/author
agent/weakness
agent/references
agent/severity
agent/tags
agent/softwarecombine
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei ips module firmware
version/huawei ips module firmware/v500r001c00
version/huawei ips module firmware/v500r001c00spc200
version/huawei ips module firmware/v500r001c00spc300
version/huawei ips module firmware/v500r001c00spc500
version/huawei ips module firmware/v500r001c00sph303
version/huawei ips module firmware/v500r001c00sph508
version/huawei ips module firmware/v500r001c20
version/huawei ips module firmware/v500r001c20spc100
version/huawei ips module firmware/v500r001c20spc100pwe
version/huawei ips module firmware/v500r001c20spc200
version/huawei ips module firmware/v500r001c20spc200b062
version/huawei ips module firmware/v500r001c20spc200pwe
version/huawei ips module firmware/v500r001c20spc300b078
version/huawei ips module firmware/v500r001c20spc300pwe
canonical/huawei ips module
canonical/huawei ngfw module firmware
version/huawei ngfw module firmware/v500r001c00
version/huawei ngfw module firmware/v500r001c00spc200
version/huawei ngfw module firmware/v500r001c00spc300
version/huawei ngfw module firmware/v500r001c00spc500
version/huawei ngfw module firmware/v500r001c00spc500pwe
version/huawei ngfw module firmware/v500r001c00sph303
version/huawei ngfw module firmware/v500r001c00sph508
version/huawei ngfw module firmware/v500r001c20
version/huawei ngfw module firmware/v500r001c20spc100
version/huawei ngfw module firmware/v500r001c20spc100pwe
version/huawei ngfw module firmware/v500r001c20spc200
version/huawei ngfw module firmware/v500r001c20spc200b062
version/huawei ngfw module firmware/v500r001c20spc200pwe
version/huawei ngfw module firmware/v500r001c20spc300b078
version/huawei ngfw module firmware/v500r001c20spc300pwe
canonical/huawei ngfw module
canonical/huawei nip6300 firmware
version/huawei nip6300 firmware/v500r001c00
version/huawei nip6300 firmware/v500r001c00spc200
version/huawei nip6300 firmware/v500r001c00spc300
version/huawei nip6300 firmware/v500r001c00spc500
version/huawei nip6300 firmware/v500r001c00sph303
version/huawei nip6300 firmware/v500r001c00sph508
version/huawei nip6300 firmware/v500r001c20
version/huawei nip6300 firmware/v500r001c20spc100
version/huawei nip6300 firmware/v500r001c20spc100pwe
version/huawei nip6300 firmware/v500r001c20spc200
version/huawei nip6300 firmware/v500r001c20spc200b062
version/huawei nip6300 firmware/v500r001c20spc200pwe
version/huawei nip6300 firmware/v500r001c20spc300b078
version/huawei nip6300 firmware/v500r001c20spc300pwe
canonical/huawei nip6600
version/huawei nip6600/v500r001c00
version/huawei nip6600/v500r001c00spc200
version/huawei nip6600/v500r001c00spc300
version/huawei nip6600/v500r001c00spc500
version/huawei nip6600/v500r001c00sph303
version/huawei nip6600/v500r001c00sph508
version/huawei nip6600/v500r001c20
version/huawei nip6600/v500r001c20spc100
version/huawei nip6600/v500r001c20spc100pwe
version/huawei nip6600/v500r001c20spc200
version/huawei nip6600/v500r001c20spc200b062
version/huawei nip6600/v500r001c20spc200pwe
version/huawei nip6600/v500r001c20spc300b078
canonical/huawei nip6600 firmware
canonical/huawei usg6300e firmware
version/huawei usg6300e firmware/v500r001c00
version/huawei usg6300e firmware/v500r001c00spc200
version/huawei usg6300e firmware/v500r001c00spc300
version/huawei usg6300e firmware/v500r001c00spc500
version/huawei usg6300e firmware/v500r001c00spc500pwe
version/huawei usg6300e firmware/v500r001c00sph303
version/huawei usg6300e firmware/v500r001c00sph508
version/huawei usg6300e firmware/v500r001c20
version/huawei usg6300e firmware/v500r001c20spc100
version/huawei usg6300e firmware/v500r001c20spc100pwe
version/huawei usg6300e firmware/v500r001c20spc101
version/huawei usg6300e firmware/v500r001c20spc200
version/huawei usg6300e firmware/v500r001c20spc200b062
version/huawei usg6300e firmware/v500r001c20spc200pwe
version/huawei usg6300e firmware/v500r001c20spc300b078
version/huawei usg6300e firmware/v500r001c20spc300pwe
canonical/huawei secospace usg6300 firmware
canonical/huawei secospace usg6500
version/huawei secospace usg6500/v500r001c00
version/huawei secospace usg6500/v500r001c00spc200
version/huawei secospace usg6500/v500r001c00spc300
version/huawei secospace usg6500/v500r001c00spc500
version/huawei secospace usg6500/v500r001c00spc500pwe
version/huawei secospace usg6500/v500r001c00sph303
version/huawei secospace usg6500/v500r001c00sph508
version/huawei secospace usg6500/v500r001c20
version/huawei secospace usg6500/v500r001c20spc100
version/huawei secospace usg6500/v500r001c20spc100pwe
version/huawei secospace usg6500/v500r001c20spc101
version/huawei secospace usg6500/v500r001c20spc200
version/huawei secospace usg6500/v500r001c20spc200b062
version/huawei secospace usg6500/v500r001c20spc200pwe
version/huawei secospace usg6500/v500r001c20spc300b078
version/huawei secospace usg6500/v500r001c20spc300pwe
canonical/huawei secospace usg6500 firmware
canonical/huawei secospace usg6600 firmware
version/huawei secospace usg6600 firmware/v500r001c00
version/huawei secospace usg6600 firmware/v500r001c00spc100
version/huawei secospace usg6600 firmware/v500r001c00spc200
version/huawei secospace usg6600 firmware/v500r001c00spc300
version/huawei secospace usg6600 firmware/v500r001c00spc301
version/huawei secospace usg6600 firmware/v500r001c00spc500
version/huawei secospace usg6600 firmware/v500r001c00spc500pwe
version/huawei secospace usg6600 firmware/v500r001c00sph303
version/huawei secospace usg6600 firmware/v500r001c20
version/huawei secospace usg6600 firmware/v500r001c20spc100
version/huawei secospace usg6600 firmware/v500r001c20spc100pwe
version/huawei secospace usg6600 firmware/v500r001c20spc101
version/huawei secospace usg6600 firmware/v500r001c20spc200
version/huawei secospace usg6600 firmware/v500r001c20spc200pwe
version/huawei secospace usg6600 firmware/v500r001c20spc300
version/huawei secospace usg6600 firmware/v500r001c20spc300b078
version/huawei secospace usg6600 firmware/v500r001c20spc300pwe
canonical/huawei usg9500 firmware
version/huawei usg9500 firmware/v500r001c00
version/huawei usg9500 firmware/v500r001c00spc200
version/huawei usg9500 firmware/v500r001c00spc300
version/huawei usg9500 firmware/v500r001c00spc303
version/huawei usg9500 firmware/v500r001c00spc500
version/huawei usg9500 firmware/v500r001c00spc500pwe
version/huawei usg9500 firmware/v500r001c00sph303
version/huawei usg9500 firmware/v500r001c00sph508
version/huawei usg9500 firmware/v500r001c20
version/huawei usg9500 firmware/v500r001c20spc100
version/huawei usg9500 firmware/v500r001c20spc100pwe
version/huawei usg9500 firmware/v500r001c20spc101
version/huawei usg9500 firmware/v500r001c20spc200
version/huawei usg9500 firmware/v500r001c20spc200b062
version/huawei usg9500 firmware/v500r001c20spc200pwe
version/huawei usg9500 firmware/v500r001c20spc300b078
version/huawei usg9500 firmware/v500r001c20spc300pwe
canonical/huawei usg9500

CVE-2017-17153: Input Validation

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-17153?

How do I fix CVE-2017-17153?

What systems are affected by CVE-2017-17153?

What is the nature of the vulnerability in CVE-2017-17153?

Is there a workaround for CVE-2017-17153?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2017-17153?

How do I fix CVE-2017-17153?

What systems are affected by CVE-2017-17153?

What is the nature of the vulnerability in CVE-2017-17153?

Is there a workaround for CVE-2017-17153?