CVE-2017-17250
First published: Fri Mar 09 2018(Updated: )
Huawei AR120-S V200R005C32; AR1200 V200R005C32; AR1200-S V200R005C32; AR150 V200R005C32; AR150-S V200R005C32; AR160 V200R005C32; AR200 V200R005C32; AR200-S V200R005C32; AR2200-S V200R005C32; AR3200 V200R005C32; V200R007C00; AR510 V200R005C32; NetEngine16EX V200R005C32; SRG1300 V200R005C32; SRG2300 V200R005C32; SRG3300 V200R005C32 have an out-of-bounds write vulnerability. When a user executes a query command after the device received an abnormal OSPF message, the software writes data past the end of the intended buffer due to the insufficient verification of the input data. An unauthenticated, remote attacker could exploit this vulnerability by sending abnormal OSPF messages to the device. A successful exploit could cause the system to crash.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei AR120-S | =v200r005c32 | |
| Huawei AR120 firmware | ||
| Huawei ar1200 firmware | =v200r005c32 | |
| Huawei AR1200 | ||
| Huawei ar1200-s firmware | =v200r005c32 | |
| Huawei ar1200-s | ||
| Huawei ar150 firmware | =v200r005c32 | |
| Huawei AR 150 | ||
| Huawei AR160 Firmware | =v200r005c32 | |
| Huawei AR160 Firmware | ||
| Huawei AR200 Firmware | =v200r005c32 | |
| Huawei AR200 | ||
| Huawei AR200-S Firmware | =v200r005c32 | |
| Huawei AR200-S Firmware | ||
| Huawei ar150-s firmware | =v200r005c32 | |
| Huawei ar150-s | ||
| Huawei AR2200 Series Firmware | =v200r005c32 | |
| Huawei AR2200-S | ||
| Huawei AR3200 | =v200r005c32 | |
| Huawei AR3200 | =v200r007c00 | |
| Huawei AR3200 firmware | ||
| Huawei AR510 Firmware | =v200r005c32 | |
| Huawei AR510 | ||
| Huawei NetEngine 16EX firmware | =v200r005c32 | |
| Huawei NetEngine 16EX | ||
| Huawei S12700 Firmware | =v200r007c00 | |
| Huawei S12700 Firmware | =v200r007c01 | |
| Huawei S12700 Firmware | =v200r008c00 | |
| Huawei S12700 Firmware | ||
| Huawei S2700 Firmware | =v200r006c10 | |
| Huawei S2700 Firmware | =v200r007c00 | |
| Huawei S2700 Firmware | =v200r008c00 | |
| Huawei S2700 | ||
| Huawei Campus S5700 firmware | =v200r007c00 | |
| Huawei Campus S5700 firmware | =v200r008c00 | |
| Huawei S5700 Firmware | ||
| Huawei 6700EI firmware | =v200r008c00 | |
| Huawei S6700 Firmware | ||
| Huawei Campus S7700 firmware | =v200r007c00 | |
| Huawei Campus S7700 firmware | =v200r008c00 | |
| Huawei Campus S7700 | ||
| Huawei LSW S9700 firmware | =v200r007c00 | |
| Huawei LSW S9700 firmware | =v200r007c01 | |
| Huawei LSW S9700 firmware | =v200r008c00 | |
| Huawei 9700 Firmware | ||
| Huawei SRG1300 Firmware | =v200r005c32 | |
| Huawei SRG1300 | ||
| Huawei SRG2300 | =v200r005c32 | |
| Huawei SRG2300 | ||
| Huawei SRG3300 | =v200r005c32 | |
| Huawei SRG3300 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2017-17250?
The severity of CVE-2017-17250 is high.
What software versions are affected by CVE-2017-17250?
Huawei AR120-S V200R005C32, AR1200 V200R005C32, AR1200-S V200R005C32, AR150 V200R005C32, AR150-S V200R005C32, AR160 V200R005C32, AR200 V200R005C32, AR200-S V200R005C32, AR2200-S V200R005C32, AR3200 V200R005C32, V200R007C00, AR510 V200R005C32, NetEngine16EX V200R005C32, SRG1300 V200R005C32, SRG2300 V...
How can I fix CVE-2017-17250?
To fix CVE-2017-17250, it is recommended to update to the latest firmware version provided by Huawei.
Is Huawei AR120-S vulnerable to CVE-2017-17250?
No, Huawei AR120-S is not vulnerable to CVE-2017-17250.
Are there any additional references for CVE-2017-17250?
Yes, you can find additional information about CVE-2017-17250 on the Huawei Security Advisory page: http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180214-01-ospf-en
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/event
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei ar120-s
- version/huawei ar120-s/v200r005c32
- canonical/huawei ar120 firmware
- canonical/huawei ar1200 firmware
- version/huawei ar1200 firmware/v200r005c32
- canonical/huawei ar1200
- canonical/huawei ar1200-s firmware
- version/huawei ar1200-s firmware/v200r005c32
- canonical/huawei ar1200-s
- canonical/huawei ar150 firmware
- version/huawei ar150 firmware/v200r005c32
- canonical/huawei ar 150
- canonical/huawei ar160 firmware
- version/huawei ar160 firmware/v200r005c32
- canonical/huawei ar200 firmware
- version/huawei ar200 firmware/v200r005c32
- canonical/huawei ar200
- canonical/huawei ar200-s firmware
- version/huawei ar200-s firmware/v200r005c32
- canonical/huawei ar150-s firmware
- version/huawei ar150-s firmware/v200r005c32
- canonical/huawei ar150-s
- canonical/huawei ar2200 series firmware
- version/huawei ar2200 series firmware/v200r005c32
- canonical/huawei ar2200-s
- canonical/huawei ar3200
- version/huawei ar3200/v200r005c32
- version/huawei ar3200/v200r007c00
- canonical/huawei ar3200 firmware
- canonical/huawei ar510 firmware
- version/huawei ar510 firmware/v200r005c32
- canonical/huawei ar510
- canonical/huawei netengine 16ex firmware
- version/huawei netengine 16ex firmware/v200r005c32
- canonical/huawei netengine 16ex
- canonical/huawei s12700 firmware
- version/huawei s12700 firmware/v200r007c00
- version/huawei s12700 firmware/v200r007c01
- version/huawei s12700 firmware/v200r008c00
- canonical/huawei s2700 firmware
- version/huawei s2700 firmware/v200r006c10
- version/huawei s2700 firmware/v200r007c00
- version/huawei s2700 firmware/v200r008c00
- canonical/huawei s2700
- canonical/huawei campus s5700 firmware
- version/huawei campus s5700 firmware/v200r007c00
- version/huawei campus s5700 firmware/v200r008c00
- canonical/huawei s5700 firmware
- canonical/huawei 6700ei firmware
- version/huawei 6700ei firmware/v200r008c00
- canonical/huawei s6700 firmware
- canonical/huawei campus s7700 firmware
- version/huawei campus s7700 firmware/v200r007c00
- version/huawei campus s7700 firmware/v200r008c00
- canonical/huawei campus s7700
- canonical/huawei lsw s9700 firmware
- version/huawei lsw s9700 firmware/v200r007c00
- version/huawei lsw s9700 firmware/v200r007c01
- version/huawei lsw s9700 firmware/v200r008c00
- canonical/huawei 9700 firmware
- canonical/huawei srg1300 firmware
- version/huawei srg1300 firmware/v200r005c32
- canonical/huawei srg1300
- canonical/huawei srg2300
- version/huawei srg2300/v200r005c32
- canonical/huawei srg3300
- version/huawei srg3300/v200r005c32