CVE-2017-17136
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-17136
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10; V200R009C00; V200R010C00; S2700 V200R006C10; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S5700 V200R006C00; V200R007C00; V200R008C00; V200R009C00; V200R010C00; S6700 V200R008C00; V200R009C00; V200R010C00; S7700 V200R007C00; V200R008C00; V200R009C00; V200R010C00; S9700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; Secospace USG6300 V500R001C00; V500R001C30; Secospace USG6500 V500R001C00; V500R001C30; Secospace USG6600 V500R001C00; V500R001C30S; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00; TP3106 V100R002C00; TP3206 V100R002C00; V100R002C10; USG9500 V500R001C00; V500R001C30; ViewPoint 9030 V100R011C02; V100R011C03 has a heap overflow vulnerability due to insufficient verification. An authenticated local attacker can make processing crash by a malicious certificate. The attacker can exploit this vulnerability to cause a denial of service.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Huawei产品PEM模块缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Huawei DP300等都是中国华为(Huawei)公司的产品。DP300是一款视频会议终端。RP200是一款视频会议一体机设备。PEM module是其中的一个安全模块。 多款Huawei产品中的PEM模块存在堆溢出漏洞,该漏洞源于程序没有充分的执行校验。本地攻击者可通过构造恶意证书利用该漏洞造成拒绝服务(进程异常)。以下产品和版本受到影响:Huawei DP300 V500R002C00版本;IPS Module V500R001C00版本,V500R001C30版本;NGFW Module V50
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2017-17136
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-17136
Please Login to view more intelligence information
Same Patch Batch · Huawei Technologies Co., Ltd. · 2018-03-05 · 16 CVEs total
| CVE-2017-17131 | 多款Huawei产品安全漏洞 | |
| CVE-2017-17132 | Huawei VP9660 License模块格式化字符串漏洞 | |
| CVE-2017-17133 | Huawei VP9660 License模块安全漏洞 | |
| CVE-2017-17134 | 多款Huawei产品XML解释器安全漏洞 | |
| CVE-2017-17135 | 多款Huawei产品PEM模块缓冲区错误漏洞 | |
| CVE-2017-17137 | 多款Huawei产品PEM模块安全漏洞 | |
| CVE-2017-17138 | 多款Huawei产品PEM模块安全漏洞 | |
| CVE-2017-17139 | Huawei Mate 9和Mate 9 Pro 信息泄露漏洞 | |
| CVE-2017-17140 | Huawei Enjoy 5s和Y6 Pro 信息泄露漏洞 | |
| CVE-2017-17141 | 多款Huawei产品安全漏洞 | |
| CVE-2017-17142 | 多款Huawei产品缓冲区错误漏洞 | |
| CVE-2017-17143 | 多款Huawei产品缓冲区错误漏洞 | |
| CVE-2017-17144 | 多款Huawei产品SIP模块缓冲区错误漏洞 | |
| CVE-2017-8164 | 多款Huawei产品安全漏洞 | |
| CVE-2017-8165 | Huawei Mate 9 信息泄露漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2017-17136
No comments yet