What is the severity of CVE-2017-8174?

CVE-2017-8174 has been classified as a high severity vulnerability due to its potential for confidential information leaks.

What systems are affected by CVE-2017-8174?

CVE-2017-8174 affects Huawei USG6300 and USG6600 series devices running specific firmware versions V100R001C30SPC300, V100R001C30SPC500, V100R001C30SPC600, V100R001C30SPC700, and V100R001C30SPC800.

How do I fix CVE-2017-8174?

To fix CVE-2017-8174, update the affected Huawei USG6300 and USG6600 firmware to a secure version not vulnerable to this weakness.

What type of vulnerability is CVE-2017-8174?

CVE-2017-8174 is a weak algorithm vulnerability allowing attackers to potentially crack cipher text.

Can CVE-2017-8174 lead to data breaches?

Yes, CVE-2017-8174 can lead to data breaches as it may allow unauthorized access to confidential information.

Vulnerability/
CVE-2017-8174

high

7.5

CWE

326

22/11/2017

17/9/2024

CVE-2017-8174: Weak Encryption

First published: Wed Nov 22 2017(Updated: )

Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algorithm vulnerability. Attackers may exploit the weak algorithm vulnerability to crack the cipher text and cause confidential information leaks on the transmission links.

Credit: psirt@huawei.com

Affected Software	Affected Version	How to fix
Huawei USG6300E firmware	=v100r001c30spc300
Huawei Secospace USG6300 firmware
Huawei Secospace USG6600 firmware	=v100r001c30spc500
Huawei Secospace USG6600 firmware	=v100r001c30spc600
Huawei Secospace USG6600 firmware	=v100r001c30spc700
Huawei Secospace USG6600 firmware	=v100r001c30spc800
Huawei Secospace USG6600 firmware

Never miss a vulnerability like this again

Reference Links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170802-01-usg-en

Frequently Asked Questions

What is the severity of CVE-2017-8174?
CVE-2017-8174 has been classified as a high severity vulnerability due to its potential for confidential information leaks.
What systems are affected by CVE-2017-8174?
CVE-2017-8174 affects Huawei USG6300 and USG6600 series devices running specific firmware versions V100R001C30SPC300, V100R001C30SPC500, V100R001C30SPC600, V100R001C30SPC700, and V100R001C30SPC800.
How do I fix CVE-2017-8174?
To fix CVE-2017-8174, update the affected Huawei USG6300 and USG6600 firmware to a secure version not vulnerable to this weakness.
What type of vulnerability is CVE-2017-8174?
CVE-2017-8174 is a weak algorithm vulnerability allowing attackers to potentially crack cipher text.
Can CVE-2017-8174 lead to data breaches?
Yes, CVE-2017-8174 can lead to data breaches as it may allow unauthorized access to confidential information.

agent/type
collector/mitre-cve
source/MITRE
agent/references
agent/weakness
agent/last-modified-date
agent/author
agent/severity
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
vendor/huawei
canonical/huawei usg6300e firmware
version/huawei usg6300e firmware/v100r001c30spc300
canonical/huawei secospace usg6300 firmware
canonical/huawei secospace usg6600 firmware
version/huawei secospace usg6600 firmware/v100r001c30spc500
version/huawei secospace usg6600 firmware/v100r001c30spc600
version/huawei secospace usg6600 firmware/v100r001c30spc700
version/huawei secospace usg6600 firmware/v100r001c30spc800

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.