// For flags

CVE-2017-8167

 

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by sending malformed IKE packets to the target device. Successful exploit of the vulnerability could cause the device to restart.

Los productos de firewall de Huawei USG9500 V500R001C50 tienen una vulnerabilidad de denegación de servicio (DoS). Un atacante remoto que controle el dispositivo emparejado podría explotar la vulnerabilidad enviando paquetes IKE mal formados al dispositivo objetivo. Una explotación exitosa de la vulnerabilidad podría hacer que el dispositivo se reinicie.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2017-04-25 CVE Reserved
  • 2017-11-22 CVE Published
  • 2024-07-28 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Huawei
Search vendor "Huawei"
 Usg9500 Firmware
Search vendor "Huawei" for product "Usg9500 Firmware"
 v500r001c50
Search vendor "Huawei" for product "Usg9500 Firmware" and version "v500r001c50"
-
Affected
in Huawei
Search vendor "Huawei"
 Usg9500
Search vendor "Huawei" for product "Usg9500"
--
Safe