Vulnerability Details CVE-2017-17305
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implementations. Remote attackers can decrypt IPSEC tunnel ciphertext data by leveraging a Bleichenbacher RSA padding oracle. Cause a Bleichenbacher oracle attack. Successful exploit this vulnerability can impact IPSec tunnel security.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.6%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2017-17305
-
cpe:2.3:h:huawei:usg2205bsr:-
-
cpe:2.3:h:huawei:usg2220bsr:-
-
cpe:2.3:h:huawei:usg5120bsr:-
-
cpe:2.3:h:huawei:usg5150bsr:-
-
cpe:2.3:o:huawei:usg2205bsr_firmware:v300r001c10spc600
-
cpe:2.3:o:huawei:usg2220bsr_firmware:v300r001c00
-
cpe:2.3:o:huawei:usg5120bsr_firmware:v300r001c00
-
cpe:2.3:o:huawei:usg5150bsr_firmware:v300r001c00